Open
Description
Your use case
In the context of taking down the Matrix Public Archive, we found out a few issues related to room history visibility:
- As an administrator, when setting the room history visibility, the most permissive options is labelled as "Anyone". It doesn't seem to make it obvious enough for people that this means the room can be publicly browsed by bots
- As an administrator, I might have become admin of a room that was previously set to
world_readableby the former admin. When the Matrix Public Archive came to existence, I didn't know my room was so open and I got surprised to find its content on the public archive. - When I join a room, its visibility status is not super obvious, especially for the
world_readableones. According to the specworld_readablemeans "Whether the room may be viewed by guest users without joining". The only indication that the room is public is a tiny globe on the room avatar, and hovering it says "This room is public".
What would you like to do?
We would like to increase the awareness that:
- in world_readable rooms messages are publicly available, so people can either go on with the current settings or change it to something that better suit their needs
- "Anyone" in the history visibility settings means "anyone including people who are not on Matrix, and who didn't join the room"
Why would you like to do it?
We want to better manage expectations in terms of privacy, make sure people don't feel Matrix is leaking information, and make them feel in control of their conversations.
How would you like to achieve it?
By making room visibility (and its consequences) more obvious whether I'm administering a room or joining a room.
Have you considered any alternatives?
We are already banning the archive from any room bridged to major IRC networks
Additional context
This is a pre-requisite to putting archive.matrix.org back online