Mark Smith's Journal

Work related musings of a geek.


09.05.2010 08:35 pm (UTC)

(no subject)

eagle: Me at the Adobe in Yachats, Oregon (Default)
Posted by [personal profile] eagle
One other thing along those lines to worry about is that you could end up in a situation where you're legally not permitted to notify the user that their content is being viewed (a valid search warrant, for instance). While this is exactly the case where I suspect most users would like to be notified, since you're a US business, you simply can't. So saying that you'll notify users when the content is viewed is to some extent promising something that you can't reliably deliver.

My purely personal perspective, admittedly as someone who knows a lot about how this sort of thing works since I'm a professional sysadmin, is that the site users have to trust you and Denise by necessity and, beyond that, I'm not sure there's a lot of utility in trying to enable community audit of your activities. I'm also not sure that there's much utility in notification if there's no option or decision available to the user.

One thing you could consider is, in a future world in which you may want to grant more fine-grained access to additional people, would be to distinguish between access under the user's control and access that is done by a site admin. For instance, when submitting a support ticket, a user could potentially get a checkbox saying "allow senior support people access to my restricted content" which they could check if the request seemed to warrant it. If they chose not to check it, then their support request may take longer if it requires such access until you or Denise or similar staff had a chance to look at it.

Not sure if the gain is worth the complexity, though.
Anonymous( )Anonymous This account has disabled anonymous posting.
OpenID( )OpenID You can comment on this post while signed in with an account from many other sites, once you have confirmed your email address. Sign in using OpenID.
Account name:
If you don't have an account you can create one now.
HTML doesn't work in the subject.


Notice: This account is set to log the IP addresses of everyone who comments.
Links will be displayed as unclickable URLs to help prevent spam.