top | item 23847663

(no title)

amandine | 5 years ago

You can disable e2e on your server if you wish so. The option already exists in Synapse and it is part of Element Matrix Services customers.

For those who are legally required to be on record, there are other ways to keep track of the conversations for audit purposes without compromising the e2e encryption. For example, every room could have an audit bot invited by default, visible by the users, and which would record everything being said. Then you can setup the access to the logs from the audit bot to only be unencrypted in certain conditions, e.g. if the 2 halves of a key giving access to the account are put together. It's secure, clear for the users and legally compliant.

[disclaimer: I'm from the Element team]

discuss

marcinzm|5 years ago

Your comment reinforces my initial point: "A broader solution is almost always less efficient for a specific constrained sub-problem."

It all sounds very complicated compared to paying a bit of money and toggling a setting. For example, googling for "elements/riot/matrix audit bot" results in no pertinent results from what I can tell. Being possible is not the same thing as being easy to use.

edit: Also companies don't care about being clear to users except as legally required or beneficial to the company. Employees not being constantly aware that they're being watched all the time is a positive and not a negative.