Comment by baibhavbista
2 months ago
Hey,
I work at Roam on the engineering team.
I do not claim to know about this case, could you send me or support@roamresearch.com any more details you have re: this?
I can, however, tell you what the protocol has been since I've been working here at Roam (since 2021). No one can access user notes without an explicit written permission being granted. We have logs for when any graph is accessed via admins, and so, any member on the team accessing user notes without permission would be fired immediately. This was the operating policy and was made clear to me on my onboarding itself, along with the policy of immediate termination in the case of abuse.
Additionally, since Jan 2022, we have the ability for users to create End-to-end encrypted graphs. These graphs provide an extra level of protection - where your notes (& media) would be safe even in the worst case of Roam being hacked or compelled by law agencies to give info (to be clear, we haven't had either happen)
Hi Baibhav, This was in August 2020. I have attached screenshots as a reply to Josh's reply above. It was early in the days so I could understand the founder perusing as a way of seeing how users are using the site, but not some random dude with a gmail. The logs were showing in my local storage on the browser. My notes were just test notes, so I didn't have anything important to worry about, but I never used Roam as a result.
Hey, clarifying (for anyone who sees this thread and not the other replies)
Roam actually DID NOT READ THEIR DATA (we have always had the policy of never accessing user data without explicit user permission). She just misunderstood what she was looking at.
More (verifiable) details in my comment here: https://news.ycombinator.com/item?id=44047945