You are assuming that harassment was direct, sending messages to the accusers. My impression is that this was a group chatting privately about the accusers either making fun of them or coordinating actions.

While this can be done through other channels (in person or private cellphone) allowing it on corporate infrastructure without monitoring is not acceptable.

If harassers, as you have mentioned, can simply switch to another channel, then what problem exactly is this measure trying to solve? I'm honestly confused.

Ass-covering. It should've been obvious as soon as HR was mentioned that this isn't about helping employees, harassed or not.

Before this change, would the company have been liable for harassing DMs on Slack, an unaffiliated service where they previously were not able to read peoples DMs?

> an unaffiliated service

Unaffiliated? The company a customer that is paying Slack for a messaging service, that certainly isn't 'unaffiliated'.

Friction. Yes they could use PGP messages. But most people are idiots and use the systems that are available and simple. If somebody needs to think "I've got to go through these extra steps to be an asshole" then they might think twice in the first place.

No need for PGP. Using any other messenger that won't give private information out for no reason would be enough.

It increases the friction of harrassment

No it doesn't. It literally just removes liability from the corporation.

If you've ever dealt with toxic work relationships, you know that stopping harassment isn't going to come down to how you are allowed to pass notes.

Because you could just forbid employees from using such other form of communication at work.

What's stopping the harassers from setting up a secondary Slack install for coordination of such nefarious ends?

The only use I can see for this would be evidence after the fact. Surveillance is almost never the proper way to enforce acceptable standards of behavior.

> What's stopping the harassers from setting up a secondary Slack install for coordination of such nefarious ends?

Company policy for one could be applicable.

You’re missing the point though, what you do with non-company provided tools is held to a different standard from officially blessed and sanctioned ones.

In that case, that would be absolutely none of your business. You're making assumptions and jumping to conclusion about what went on.

>> Only way to see it was to boot an offending intern from his work station and go into his Slack to see what was happening.

> Why couldn't you just ask the recipient to look on his station?

This is probably exactly what happened? I'm guessing they didn't physically pry the unwilling intern from his seat like he was passenger on United.

Did you miss his first (the second) paragraph?

I don't know about parent, but I did notice that! I saw it clearly written there. I read it and understood it. I understand that the person who wrote it believes it is sufficient to cover all relevant needs.

I would posit that this person may not be familiar with the importance of collecting evidence against possible future needs. An IT manager's testimony from memory, no matter how perfect, is not as useful as evidence collected in a technological manner at the time of offense.

With that in mind, walking over and looking at the intern's screen might be considered by some to be less than a full replacement.

No need to recite from memory when the log is trivially viewed or copied at a later date.

You're right! The log can be easily viewed or accessed later. This of course occasionally requires an annoying amount of screwing around with reactivating old accounts, resetting passwords, and so on. Irritating, but of course a price well worth paying for employee privacy.

With that said, is it perhaps possible that direct access is preferable for reasons other than sheer laziness? Chain of custody and provenance both come to mind as items that some enterprise users of Slack might find worthy of consideration in some circumstances. This is obviously not nearly as important as employee privacy, but still...

Reactivating accounts would only need to happen if the accuser had left immediately, which doesn't seem likely.

I think it is just that big companies have a way of doing things, are paying the bills, and employee privacy is close to last on their priority list—far behind CYA. They don't care that there is another potential solution.

A person leaving a company after filing a harassment complaint strikes me as very likely. I personally know people who have very precisely that. It's a very common scenario in large companies.

Having personally dealt with some of those companies and situations, I can tell you quite simply that people are definitely aware that there are other potential solutions. Such approaches are seen as not adequate for purpose. The reasons for this judgment are not merely arbitrary or capricious. They are broadly quite sound and reasonable, and I touched on them above in an effort to give you an opportunity to grow in your understanding of those you disagree with.

And yes, as you say, companies are far more interested in limiting liability than they are in employee privacy on company-controlled systems. It's not, as some might suggest, that employee privacy is not valued. It's a question of priorities, and companies tend to place being able to defend themselves and control their risks adequately over an employee's right to leverage their privacy and incur liability for the company.

Though I understand why some might prefer to dismiss the above and think of it as just another example of big, stupid, corporate laziness and refusing to consider alternatives.

Here's where you made a detour, agreeing and disagreeing with a side order of condescension.

A significant portion of folks stick around for a long time in a poor situation as it isn't so easy leave a job at a moment's notice. For those that don't there is the simple matter of not deleting everything. Nothing is actually deleted any more anyway. Brave new world.

Big, stupid, and corporate are synonyms, government too. It goes with the territory of any large group of humans. As they grow they get dumber and further out of touch until they are overturned by a smaller, nimbler version where the process is repeated in Innovator's Dilemma fashion.

You have to ask why they wouldn't want to talk to an individual suspected of wrongdoing? Why look at security footage, when you can "just ask" the suspect?

You misunderstood. The accused may not be willing to cooperate, but the accuser probably will.

The recipient isn't suspected of wrongdoing, they're on the receiving end of the abuse.