← Back to context

Comment by dzink

2 months ago

I started using Roam and as a proper geek, dug through the data it sends back and forth about me and my notes in the browser console. It was doing access logs and some random day I saw some random dude’s name in the access log for my notes. I reached out to ask. They told me he was a new employee. I saw no reason to save personal notes and ideas on a platform where any employee can enjoy them. Thereafter I took my notes to tools i wrote myself. Very enlightening to the incentives for building such tools.

Another thing to add: I had deleted my Roam Research account a long time ago by now, but the media I uploaded on it is still available through the Firebase links.

  • Hey Baibhav from the Roam Engineering team here

    I think this might be a remnant of the time we did not delete media for graphs for cases we thought they might've just migrated to a new graph. For context, a semi-common pattern was for users to export their graph and restore to a new graph, so that they can change the name. Could you have gone through a similar process before deleting your account?

    If you please contact support@roamresearch.com and provide the firebase links (even just a few should be okay to find the media), then we can proceed with the deletion for you. Sorry for the issue

Hey,

I work at Roam on the engineering team.

I do not claim to know about this case, could you send me or support@roamresearch.com any more details you have re: this?

I can, however, tell you what the protocol has been since I've been working here at Roam (since 2021). No one can access user notes without an explicit written permission being granted. We have logs for when any graph is accessed via admins, and so, any member on the team accessing user notes without permission would be fired immediately. This was the operating policy and was made clear to me on my onboarding itself, along with the policy of immediate termination in the case of abuse.

Additionally, since Jan 2022, we have the ability for users to create End-to-end encrypted graphs. These graphs provide an extra level of protection - where your notes (& media) would be safe even in the worst case of Roam being hacked or compelled by law agencies to give info (to be clear, we haven't had either happen)

  • Hi Baibhav, This was in August 2020. I have attached screenshots as a reply to Josh's reply above. It was early in the days so I could understand the founder perusing as a way of seeing how users are using the site, but not some random dude with a gmail. The logs were showing in my local storage on the browser. My notes were just test notes, so I didn't have anything important to worry about, but I never used Roam as a result.

    • Hey, clarifying (for anyone who sees this thread and not the other replies)

      Roam actually DID NOT READ THEIR DATA (we have always had the policy of never accessing user data without explicit user permission). She just misunderstood what she was looking at.

      More (verifiable) details in my comment here: https://news.ycombinator.com/item?id=44047945

Hi, co-founder of Roam, Josh here. I don't recall your case ever being brought up to me, but as Baibhav said in his comment, we have strict no-access rule for engineers. They (and me) are only allowed to open your graph if given explicit permission by you through support. We have always had this rule and it's in our terms and conditions.

I think I found your account and I don't see any access logs to your graph from anyone other than your account. If you can provide any more info or screenshots of we would be able to dig deeper into exactly what you saw. It could have been a console log or a hard coded employee email in the code.

We've always cared deeply about user's privacy and ownership over their notes. This is why we've had this policy from the start and focused heavily on local first features and data portability. We offer fully offline graphs, where the data never touches our server and is never able to be accessed by anyone on our team. We also offer fully encrypted graphs, which are stored on our servers but are not able to be read by anyone without the password (our team cannot read your data).

Would you be open to providing some more details on this? Was this a private graph or a public graph?

  • It happened several years ago - when Conor was holding talks on Clubhouse. I had created an account with a few test notes and went back days later. The notes were not listed or linked anywhere. The person’s email or name was showing in the log but he was not even outed as an employee on linkedin at the time - so I originally thought someone has hacked my account or was accidentally given access to my notes. Then I asked the founder or the person and they said it was a new employee. I have screenshots somewhere but I don’t remember how i reached out to them - if it was a service chat, or email, or twitter, or clubhouse. I always check the network chatter on new sites I use - very enlightening about what they think of customers. A lot of times you see flags for things they want you or don’t want you to be, or what they want to upsell to you. Reactive sites put all kinds of logic in the front end where it doesn’t belong.

    • Thanks for elaborating! This is definitely not ok, and the response beyond unacceptable.

      I've been an active user for a couple of years now and have substantial amount of information stored in Roam. I guess I should have known better than to have sensitive data stored in someone else's servers without encryption.

      Time to explore Obsidian and see what the migration path looks like.

      1 reply →