# PM's How Private?



## classic33 (16 Nov 2016)

Okay they're now called conversations, but the basic questions remains the same.
How private should they be?
Rules say don't include anything that you'd not post on the forum. But try posting your phone number in Classifieds & see how long it stays there.

How would you feel if something given in one was passed onto a third party?

Is there an undefined line that can be crossed, so long as you can feel justified in doing so.


----------



## Cubist (16 Nov 2016)

Generally speaking I would always say "here's my number, but keep it to yourself please" 

Due to the amount t of confidential info I've been involved with all my career, I would never pass things like a number or any other personal details I had obtained on a one-to-one basis without expressly seeking the consent of the owner in the first place. Unfortunately, not everybody behaves like this, and stuff gets shared unthinkingly.


----------



## Cubist (16 Nov 2016)

User14044mountain said:


> Putin is watching and listening.


No laughing matter for some people if a perceived breach of confidentiality has taken place.


----------



## nickyboy (16 Nov 2016)

In organising rides I do PM my mobile number to participants rather than posting it in the ride thread itself. I don't expressly seek assurances from those I'm PM'ing that they won't pass my number on but I think it's implicit in the fact I've sent it by PM

Having said that, my mobile is used for my business so it's known by loads of people anyway


----------



## Cubist (16 Nov 2016)

User14044mountain said:


> It wasn't really a joke more of a statement that hacking seems more and more prevalent - witness the US elections and various bank/service company websites that have been hacked recently.


Ah, in that case I shall go and knit myself an ironic tinfoil hat.


----------



## Hugh Manatee (16 Nov 2016)

Cubist said:


> Ah, in that case I shall go and knit myself an ironic tinfoil hat.



Is that what steel wool is for?


----------



## Brandane (16 Nov 2016)

Hi Classic,
How's things? I'm sending this by PM so that all those other nosey farking nobbers can't read it. Jeez; what a bunch of morons, and I reckon most of them have never been near a bike in their sad lifes. Nothing better to do but come on a cycling forum to moan about drivers, and discuss the same old pish over and over again.
Anyway, what was it you were asking about PM's? I don't know much about them, apart from how to send them. It's the button below this that says "post reply", I think.


----------



## Globalti (16 Nov 2016)

PM's what? Are we discussing the Prime Minister here?


----------



## classic33 (16 Nov 2016)

I used mobile number because it can often be seen by people posting stolen bike reports and in classifieds.

If it appears, it doesn't stay very long.


----------



## TheDoctor (16 Nov 2016)

I once had reason to ask this.
They're private. Mods can't see them.
I'd expect anything I said in a PM to remain private, but if it didn't I wouldn't be overly-bothered.


----------



## Andrew_P (16 Nov 2016)

you can see profile post (what's the point of these?) on peoples pages though are PM's different?


----------



## threebikesmcginty (16 Nov 2016)

What's the point of this thread, what's the actual problem?


----------



## glasgowcyclist (16 Nov 2016)

I treat information in a PM as confidential between the parties involved and would not disclose it to anyone else. I would hope that others did the same.


----------



## T.M.H.N.E.T (16 Nov 2016)

Then you discover that "conversations" have a Report button incase you or your recipient don't like something.

Then it's not private


----------



## glasgowcyclist (16 Nov 2016)

T.M.H.N.E.T said:


> Then you discover that "conversations" have a Report button incase you or your recipient don't like something.
> 
> Then it's not private



That's fair enough as I can see its usefulness in the event that someone was threatening or bullying via PM.


----------



## summerdays (16 Nov 2016)

TheDoctor said:


> I once had reason to ask this.
> They're private. Mods can't see them.
> I'd expect anything I said in a PM to remain private, but if it didn't I wouldn't be overly-bothered.


Correct, mods can't see them UNLESS a specific post is reported or they are added to the conversation. Just because it is private it can't be used to abuse someone. 

As for sharing mobile number or address/information given in a PM with someone else, think whether you should, it may be information that the person didn't want passed on to anyone else. Easiest way is to ask first.


----------



## nickyboy (16 Nov 2016)

threebikesmcginty said:


> What's the point of this thread, what's the actual problem?



Cos a load of us are in a PM group where we discuss how much we don't like you. We just want to make sure it stays private, that's all


----------



## slowmotion (16 Nov 2016)

nickyboy said:


> Cos a load of us are in a PM group where we discuss how much we don't like you. We just want to make sure it stays private, that's all


Please can I join?


----------



## threebikesmcginty (16 Nov 2016)

Why not, the moron the merrier, as the old saying goes.


----------



## mjr (16 Nov 2016)

Globalti said:


> PM's what? Are we discussing the Prime Minister here?


PM = Pee Myself. It's a limited-access forum used by incontinent members to organise bullying of those they call "drysters".












or it's Private Messages, which aren't called that on here any more, but are now "conversations" because recipients can invite others into the conversation unless you tick the box at the outset.


----------



## Crackle (16 Nov 2016)

nickyboy said:


> Cos a load of us are in a PM group where we discuss how much we don't like you. We just want to make sure it stays private, that's all


I never knew about that, I just use the forum for it.


----------



## Brandane (16 Nov 2016)

Shouldn't the thread title have been "PM's Question Time"?


----------



## ColinJ (16 Nov 2016)

I think it is fairly obvious that what is discussed in PMs is intended to remain private, but I would assume that it might not.

Some people just don't seem to 'get' privacy ... I once sent an email to someone discussing everything from my feelings about my dying parents to how distraught I was at the bust-up of my long-term relationship. I eventually went on to add a couple of photographs of a bike ride that we had done together. The recipient did not know how to save the photos to show to their mates so my VERY private email got forwarded to them instead! A different friend insists on broadcasting emails to virtually all of his contacts with our email addresses in the CC field. I have told him not to do that but he keeps on doing it. I don't want my email address sending to everyone in his address book!


----------



## glasgowcyclist (16 Nov 2016)

Markymark said:


> Judging by some of the filth you've sent me, I'm not surprised you want to keep it private. Honestly, it would make Peter Sutcliffe wince



Do you realise how difficult it was to find that stuff? You have very, erm, 'niche' tastes. Luckily I used Brandane's credentials.


----------



## Pat "5mph" (16 Nov 2016)

@classic33 someone having your number does not matter, you can always block them if they are up to no good. Same with email.
I'd be vary of sharing addresses with people you don't actually know in person.
Some, as in @ColinJ's example, do not realize how easy it is to break a confidence.
Of course, you should tell people not to divulge stuff, plainly, your usual enigmatic ways could be misunderstood!


----------



## PeteXXX (16 Nov 2016)

I've had a few 'conversations' with members here and have given, or been given, home addresses as stuff has needed to be sent or received. No point in entering into a sale or summat unless an address is 'trusted' to another member.
If I'd not seen the person contributing regularly to CC I doubt I'd share such details.
So far, I've not been let down in my trust of folks here, and hope it continues in the same vein.


----------



## Pat "5mph" (16 Nov 2016)

PeteXXX said:


> I've had a few 'conversations' with members here and have given, or been given, home addresses as stuff has needed to be sent or received. No point in entering into a sale or summat unless an address is 'trusted' to another member.
> If I'd not seen the person contributing regularly to CC I doubt I'd share such details.
> So far, I've not been let down in my trust of folks here, and hope it continues in the same vein.


True, I forgot about buying and selling


----------



## raleighnut (16 Nov 2016)

PeteXXX said:


> I've had a few 'conversations' with members here and have given, or been given, home addresses as stuff has needed to be sent or received. No point in entering into a sale or summat unless an address is 'trusted' to another member.
> If I'd not seen the person contributing regularly to CC I doubt I'd share such details.
> So far, I've not been let down in my trust of folks here, and hope it continues in the same vein.


Ditto.


----------



## SteCenturion (17 Nov 2016)

Globalti said:


> PM's what?


Post mortems ....

They used to be quite popular & I received loads, just lately it's gone a bit dead.


----------



## classic33 (17 Nov 2016)

mjr said:


> PM
> 
> or it's Private Messages, which aren't called that on here any more, but *are now "conversations" *because recipients can invite others into the conversation unless you tick the box at the outset.


Which was said in the first post.

Try that last idea and see what happens.


----------



## slowmotion (17 Nov 2016)

I had a few PMs from someone who died. Amusing gossip and observations. Now that he has gone, that stuff is locked away for ever in a server somewhere. His widow presumably knows nothing of them unless he gave her his CC details, or CC gave them to her. Our conversations had nothing to do with his personal life but gives a humorous insight into his character. Should I print them out and send them to her?


----------



## mjr (17 Nov 2016)

classic33 said:


> Try that last idea and see what happens.


Or you could just tell people if it doesn't work like that, instead of playing the smug priest.


----------



## theclaud (17 Nov 2016)

Markymark said:


> Judging by some of the filth you've sent me, I'm not surprised you want to keep it private. Honestly, it would make Peter Sutcliffe wince


I know this is just a gag and not ill-intentioned, but for anyone, and especially a woman, familiar with the detail of Sutcliffe's crimes, it is very jarring in the context of a light-hearted exchange. There are funnier ways to insinuate that your forum mates are colossal perverts.


----------



## Scoosh (17 Nov 2016)

As has been mentioned up-thread, Conversations (PMs) are private to those included in the Conversation. They are invisible to the Mods and even to Shaun himself.  Even when a Conversation is Reported, Shaun and the Mods are unable to see what is being Reported, as, unless we are invited into the Conversation, we cannot see what is being Reported. Conversations remain private unless other Members are Invited in.

The principle that one should not write something in a Conversation that one wouldn't write on the open forum relates more to the manner of speech, offensive language etc than the confidential nature of the details being exchanged. As far as I am aware, Conversations are still the most secure way on CC to exchange phone numbers, bank details, email addresses etc., as they are not viewable by anyone else on the forum, while Profile posts are viewable by any member of the public who looks on CC.

The issue of how the information (phone numbers, emails etc.) contained within a Conversation is handled ... well that is a separate matter and maybe could be best handled by a request/ instruction/ caution in the first post of the Conversation, making clear the confidentiality expected. 

HTH


----------



## Markymark (17 Nov 2016)

theclaud said:


> I know this is just a gag and not ill-intentioned, but for anyone, and especially a woman, familiar with the detail of Sutcliffe's crimes, it is very jarring in the context of a light-hearted exchange. There are funnier ways to insinuate that your forum mates are colossal perverts.


You are quite right, apologies. Post deleted.


----------



## nickyboy (17 Nov 2016)

User13710 said:


> I wonder if @Shaun would consider making it possible to delete a conversation, or a post within one? At the moment all a participant can do is leave the conversation, but the conversation remains and others can be invited into it, possibly then to see material that a person might not have meant to be shared.



Is it not the case that if A and B start a conversation, B leaves and C is invited to join and joins.....C cannot see what has been said previously?

I actually don't know, never been in this situation


----------



## ColinJ (17 Nov 2016)

nickyboy said:


> Is it not the case that if A and B start a conversation, B leaves and C is invited to join and joins.....C cannot see what has been said previously?
> 
> I actually don't know, never been in this situation


I would be very surprised if it _did_ work that way!

Some people in a 'private' conversation could feel very embarrassed if certain other people were later invited to join that conversation ... (Put it this way - I have been made aware (by friendly members who thought that I should know what was going on) of some snide negative private conversations about me in the past ! _You snidey backstabbers know who you are and I would just like to say that I am very disappointed - I expected better from you ..._ )


----------



## ColinJ (17 Nov 2016)

PS Feel free to apologise privately - I won't rat on you!


----------



## nickyboy (17 Nov 2016)

User13710 said:


> It doesn't work that way, no.



Ah, OK....I will make sure that I don't put anything too salacious in a conversation then!

Having said that, most of mine are dull in the extreme....cycling routes out of Leeds, meet up times, gpx files etc...if people want to be bored then they're welcome to a copy


----------



## Andrew_P (17 Nov 2016)

Do people seriously send PM's to each other to purely bitch about other members, or have I been whooshed by @ColinJ ?!


----------



## slowmotion (17 Nov 2016)

Andrew_P said:


> Do people seriously send PM's to each other to purely bitch about other members, or have I been whooshed by @ColinJ ?!


 It's rather like the Dark Web......


----------



## rich p (17 Nov 2016)

fark me, it's not a bloody 6th form common room.


----------



## ColinJ (17 Nov 2016)

Andrew_P said:


> Do people seriously send PM's to each other to purely bitch about other members, or have I been whooshed by @ColinJ ?!


_Most_ PMs are probably business-like (exchanging phone numbers, names, addresses, bank details etc. - information that you do not want in the public domain) or personal (e.g. sharing details about recovery from illness) but some gossiping _does_ go on. When you have a big collection of people, sooner or later they are going to start forming little cliques and going on about each other!

I have had a quick look back at the messages that I still have access to and the vast majority of them are about forum rides, a few are me answering questions that people have asked me, and several are about buying things from other forum members.


----------



## jefmcg (17 Nov 2016)

Scoosh said:


> As has been mentioned up-thread, Conversations (PMs) are private to those included in the Conversation. They are invisible to the Mods and even to Shaun himself.  Even when a Conversation is Reported, Shaun and the Mods are unable to see what is being Reported, as, unless we are invited into the Conversation, we cannot see what is being Reported. Conversations remain private unless other Members are Invited in.


So, are they encrypted on the server?


----------



## Scoosh (17 Nov 2016)

jefmcg said:


> So, are they encrypted on the server?


No idea - that's way above my pay/ knowledge level ! That's under-the-bonnet stuff ...


----------



## jefmcg (17 Nov 2016)

Well if it's not encrypted (and I assume it wouldn't be) then Shaun could read them, he just chooses not to. 

Well, he could also log in as any one of us and take a peek if he wanted


----------



## summerdays (17 Nov 2016)

jefmcg said:


> Well if it's not encrypted (and I assume it wouldn't be) then Shaun could read them, he just chooses not to.
> 
> Well, he could also log in as any one of us and take a peek if he wanted


I don't think he could log on as you without changing your password.

Certainly Mods can't and Shaun has always said he can't see them. He has enough alerts from the forum on a daily basis to read without going looking for more stuff to browse!


----------



## Pat "5mph" (17 Nov 2016)

slowmotion said:


> I had a few PMs from someone who died. Amusing gossip and observations. Now that he has gone, that stuff is locked away for ever in a server somewhere. His widow presumably knows nothing of them unless he gave her his CC details, or CC gave them to her. Our conversations had nothing to do with his personal life but gives a humorous insight into his character. Should I print them out and send them to her?


I would wait a year or so, then ask her if she would like to read them.


----------



## slowmotion (17 Nov 2016)

Pat "5mph" said:


> I would wait a year or so, then ask her if she would like to read them.


I've decided not to do anything with them. People seem to cherish old letters written by a previous generation but emails and other electronic comms are a bit different. I'm not sure why. Maybe it's because a bit less thought is given to the content.


----------



## Pro Tour Punditry (17 Nov 2016)

rich p said:


> fark me, it's not a bloody 6th form common room.


There are a lot of people replying to this thread that you have PMed me about


----------



## jefmcg (18 Nov 2016)

summerdays said:


> I don't think he could log on as you without changing your password.
> 
> Certainly Mods can't and Shaun has always said he can't see them. He has enough alerts from the forum on a daily basis to read without going looking for more stuff to browse!




Yeah, it would require some hacking.
No, I don't think he would do it
But speaking of hacking, I wouldn't put anything in a "conversation" that would be damaging if it feel into the wrong hands. It's possible that this site could be hacked and someone might download the entire database. This is why you shouldn't use the same email/password on multiple sites. I'd be more nervous about bank details - which shouldn't cause problems but who knows, but pretty relaxed about phone numbers or addresses.


----------



## rich p (18 Nov 2016)

jefmcg said:


> I wouldn't put anything in a "conversation" that would be damaging if it feel into the wrong hands


That's my philosophy too...
Let that be a lesson to you @Marmion ...


----------



## glasgowcyclist (18 Nov 2016)

jefmcg said:


> Well if it's not encrypted (and I assume it wouldn't be) then Shaun could read them, he just chooses not to.
> 
> Well, he could also log in as any one of us and take a peek if he wanted




On another forum where I'm the site owner I could (I don't!) look at the MySQL database to read private messages between members. I couldn't use their credentials to login as any of them as the passwords are all hashed. The setup may or may not be similar here on CC.


----------



## Crackle (18 Nov 2016)

I imagine it's just permissions, same as on something like an Exchange server in a work environment. Don't ever imagine your work mail is in some way private, it simply isn't. I often had to grant permission to senior managers to examine someone's email. It's not something I liked doing and was eventually glad to be rid of the responsibility when they finally appointed an over-arching security bod, who really seemed to enjoy catching people out, the prick!


----------



## mjr (18 Nov 2016)

Crackle said:


> Don't ever imagine your work mail is in some way private, it simply isn't. I often had to grant permission to senior managers to examine someone's email.


I don't think that's legal unless it's in the employment contract, but I could be wrong. However, still don't rely on email being private as support workers can open emails to debug system faults (but any that follow ethical standards, perhaps as part of a technical society membership) but shouldn't read the bodies unless it's relevant to the fault.

Ultimately, if you want to keep messages private, install an Open and Pretty Good Privacy (OpenPGP) encryption add-on, such as APG for K9-mail on phones, or Enigmail for Thunderbird, or many more. https://gnupg.org/related_software/swlist.html is one list. There may be other lists. I don't know. I installed stuff years ago and keep it updated but mostly, it just works once it's set up.

(edited to fix ytpo)


----------



## jefmcg (18 Nov 2016)

glasgowcyclist said:


> On another forum where I'm the site owner I could (I don't!) look at the MySQL database to read private messages between members. I couldn't use their credentials to login as any of them as the passwords are all hashed. The setup may or may not be similar here on CC.


You could save the hash from the database (in a text file), change the password, poke around, then copy the hash back again. 

Just sayin'


----------



## Pat "5mph" (18 Nov 2016)

jefmcg said:


> You could save the hash from the database (in a text file), change the password, poke around, then copy the hash back again.
> 
> Just sayin'


But if the member wants to log in at the same rime of the "poking" and his password is not working, would they not suspect foul play?


----------



## summerdays (18 Nov 2016)

We don't have the ability to look at someone's password. If they forget it we set it to something new, tell them and then they change the password to one they can remember and we don't know.


----------



## jefmcg (18 Nov 2016)

Pat "5mph" said:


> But if the member wants to log in at the same rime of the "poking" and his password is not working, would they not suspect foul play?


Yeah, but he could always say something like  "Sorry, my fault - I'm testing the speed and integrity of a number of caching data stores on the server and when I switch between them it invalidates the session data,"

(Shaun is going to punch me shortly)



summerdays said:


> We don't have the ability to look at someone's password. If they forget it we set it to something new, tell them and then they change the password to one they can remember and we don't know.


Yes, you can't look at them. But I bet the backend of CC is a MySql database, that is almost entirely unencrypted. The passwords are probably MD5 encrypted. Shaun can almost certainly access that. And he could, if he wanted, use that to hack.

I don't for a second think he wants to, or has. But it's easily doable.


----------



## Pat "5mph" (18 Nov 2016)

Oh goodness @jefmcg, just as well my only topic of conversation are cats and bikes, and occasionally moans about work.
Glad I'm not interesting enough to attract a hacker's attention!


----------



## classic33 (18 Nov 2016)

Pat "5mph" said:


> Oh goodness @jefmcg, just as well my only topic of conversation are cats and bikes, and occasionally moans about work.
> Glad I'm not interesting enough to attract a hacker's attention!


You forgot tomato plants!


----------



## Pat "5mph" (18 Nov 2016)

classic33 said:


> You forgot tomato plants!


Ok, I forgot about the topics of gardening and food: still not very interesting to a hacker


----------



## mjr (18 Nov 2016)

Pat "5mph" said:


> Ok, I forgot about the topics of gardening and food: still not very interesting to a hacker


Hackers like food. People who break into computers are vandals, not hackers... but the media have screwed this up with their consistent lies, just like they have with the EU.


----------



## Pale Rider (19 Nov 2016)

Common sense says don't tap anything into a connected computer that you are not prepared to see published.

As regards work emails, you are using your employer's system so I don't see there can be any reasonable complaint if the employer looks at what's there.


----------



## Shaun (20 Nov 2016)

classic33 said:


> Okay they're now called conversations, but the basic questions remains the same. How private should they be? *Rules say don't include anything that you'd not post on the forum.* But try posting your phone number in Classifieds & see how long it stays there. How would you feel if something given in one was passed onto a third party? Is there an undefined line that can be crossed, so long as you can feel justified in doing so.



To be fair, the rules don't actually say that:


> The personal conversation system allows you to communicate privately with others. The same rules of conduct apply. *It is reasonable to expect privacy, but we cannot absolutely guarantee it; we therefore recommend you do not share anything via personal message that you would not want made public by any of the other participants.* Personal information and private discussions may not be posted on the forums, unless there is clear consent from all parties.



In general, providing you trust the other conversation participants, you can expect your conversation to remain private. However, there are situations where the contents of a conversation can be exposed to people outside of the original conversation and you should consider this when exchanging personal information:

*Conversation participants can copy and share messages* - either with other CC'ers via the PM system or off-site. Whilst it is _expected_ that your confidence will be kept, we cannot guarantee it, so you should take care who you share deeply personal or private things with, and if something is of an extremely personal nature then consider not sharing it here and chosing another means of communication such as text message, email, etc.

*Other people can be invited into a conversation* - you may begin a conversation with one person or group but then others are invited in at a later stage. When this happens _they see the whole of the conversation_. If you do not want something you've already said to be shown to the newcomers, it is advisable to start a new group conversation.

*Messages within a conversation can be reported to the moderator team* - for example if someone is being abusive or spamming. It only shows the single, individual message that is being reported (not the whole conversation) and the mod team have no access to the conversation itself (unless you invite them in to deal with it).
*Replying to an email notification ends up in my Inbox* - if you have email notifications enabled for personal messages and you _reply to the email notice_ (instead of logging in to CC to reply to the conversation), it ends up in my Inbox. The emails are deleted straight away.
There are no moderator or administrator functions in the forum software that allow the viewing of personal conversations; there are no add-ons installed that allow me to read your personal conversations; however I _do _have the ability to view them in the database if I am ever required to do so by law, but thankfully in the decade I've been running CC that has yet to happen (and hopefully never will).

As to people passing on personal conversation information to other parties without permission - if you know of that happening, then please report it and I will look into it. I would take a very dim view of anyone who did so unless there were extenuating circumstances.

And moderators removing email addresses and phone numbers posted on the public forums? Well that's just common sense - unless you want _more_ junk email or phone calls from random strangers all hours of the day or night?

Cheers,
Shaun


----------



## Spiderweb (2 Mar 2017)

Can someone tell me how I can send/receive private messages.
Thank you in advance.


----------



## jefmcg (2 Mar 2017)

Click on the name and then ....


----------

