← Back to context

Comment by dzink

2 months ago

I started using Roam and as a proper geek, dug through the data it sends back and forth about me and my notes in the browser console. It was doing access logs and some random day I saw some random dude’s name in the access log for my notes. I reached out to ask. They told me he was a new employee. I saw no reason to save personal notes and ideas on a platform where any employee can enjoy them. Thereafter I took my notes to tools i wrote myself. Very enlightening to the incentives for building such tools.

34 comments

dzink

Reply
coldblues  2 months ago

Another thing to add: I had deleted my Roam Research account a long time ago by now, but the media I uploaded on it is still available through the Firebase links.

  • baibhavbista  2 months ago

    Hey Baibhav from the Roam Engineering team here

    I think this might be a remnant of the time we did not delete media for graphs for cases we thought they might've just migrated to a new graph. For context, a semi-common pattern was for users to export their graph and restore to a new graph, so that they can change the name. Could you have gone through a similar process before deleting your account?

    If you please contact support@roamresearch.com and provide the firebase links (even just a few should be okay to find the media), then we can proceed with the deletion for you. Sorry for the issue

baibhavbista  2 months ago

Hey,

I work at Roam on the engineering team.

I do not claim to know about this case, could you send me or support@roamresearch.com any more details you have re: this?

I can, however, tell you what the protocol has been since I've been working here at Roam (since 2021). No one can access user notes without an explicit written permission being granted. We have logs for when any graph is accessed via admins, and so, any member on the team accessing user notes without permission would be fired immediately. This was the operating policy and was made clear to me on my onboarding itself, along with the policy of immediate termination in the case of abuse.

Additionally, since Jan 2022, we have the ability for users to create End-to-end encrypted graphs. These graphs provide an extra level of protection - where your notes (& media) would be safe even in the worst case of Roam being hacked or compelled by law agencies to give info (to be clear, we haven't had either happen)

  • dzink  2 months ago

    Hi Baibhav, This was in August 2020. I have attached screenshots as a reply to Josh's reply above. It was early in the days so I could understand the founder perusing as a way of seeing how users are using the site, but not some random dude with a gmail. The logs were showing in my local storage on the browser. My notes were just test notes, so I didn't have anything important to worry about, but I never used Roam as a result.

    • baibhavbista  2 months ago

      Hey, clarifying (for anyone who sees this thread and not the other replies)

      Roam actually DID NOT READ THEIR DATA (we have always had the policy of never accessing user data without explicit user permission). She just misunderstood what she was looking at.

      More (verifiable) details in my comment here: https://news.ycombinator.com/item?id=44047945

hashbrown490  2 months ago

Hi, co-founder of Roam, Josh here. I don't recall your case ever being brought up to me, but as Baibhav said in his comment, we have strict no-access rule for engineers. They (and me) are only allowed to open your graph if given explicit permission by you through support. We have always had this rule and it's in our terms and conditions.

I think I found your account and I don't see any access logs to your graph from anyone other than your account. If you can provide any more info or screenshots of we would be able to dig deeper into exactly what you saw. It could have been a console log or a hard coded employee email in the code.

We've always cared deeply about user's privacy and ownership over their notes. This is why we've had this policy from the start and focused heavily on local first features and data portability. We offer fully offline graphs, where the data never touches our server and is never able to be accessed by anyone on our team. We also offer fully encrypted graphs, which are stored on our servers but are not able to be read by anyone without the password (our team cannot read your data).

arbus5672  2 months ago

Would you be open to providing some more details on this? Was this a private graph or a public graph?

  • dzink  2 months ago

    It happened several years ago - when Conor was holding talks on Clubhouse. I had created an account with a few test notes and went back days later. The notes were not listed or linked anywhere. The person’s email or name was showing in the log but he was not even outed as an employee on linkedin at the time - so I originally thought someone has hacked my account or was accidentally given access to my notes. Then I asked the founder or the person and they said it was a new employee. I have screenshots somewhere but I don’t remember how i reached out to them - if it was a service chat, or email, or twitter, or clubhouse. I always check the network chatter on new sites I use - very enlightening about what they think of customers. A lot of times you see flags for things they want you or don’t want you to be, or what they want to upsell to you. Reactive sites put all kinds of logic in the front end where it doesn’t belong.

    • arbus5672  2 months ago

      Thanks for elaborating! This is definitely not ok, and the response beyond unacceptable.

      I've been an active user for a couple of years now and have substantial amount of information stored in Roam. I guess I should have known better than to have sensitive data stored in someone else's servers without encryption.

      Time to explore Obsidian and see what the migration path looks like.

      1 reply →