Can my company see my Teams messages?


As the adoption of social media platforms has grown, so has data collection and privacy scares. As a new or old user of Microsoft Teams, you may have wondered just how private your conversations are. I’m sad to say you may not want the answer.

Microsoft 365 admins can use three different roles to monitor conversations:

RoleInformation
Communication compliance adminAdmins can create, edit, and delete communication compliance policies with this role.
Communication compliance analystAdmins with this role can review existing compliance policies and observe your message’s metadata.
Communication compliance investigatorAdmins with this role can observe message metadata, message content, and list flagged messages under e-discoveries.
Communication compliance roles

Administrators in Microsoft Teams can monitor your conversations to varying extents; one of three roles determines the extent to which messages can be monitored. I’ll be telling you about each one. I’ll additionally be taking time to address topics like metadata, which your messages contain, and e-discovery, which they can send your flagged messages to.

Use the following links to find relevant content faster:

  1. Which admins can monitor my conversations in Teams
  2. What does message metadata tell my company in Teams
  3. What is e-discovery: Microsoft Teams
  4. Blog post recap

Which admins can monitor my conversations in Teams

Alright, time to identify our message snoopers! There are three, and each is responsible for different things.

  • Communication compliance admin: handles compliance policies
  • Communication compliance analyst: reviews metadata
  • Communication compliance investigator: reviews message content and metadata

Communication compliance admin

A communication compliance admin holds read, write, and edit permissions for communication compliance policies. More specifically, they are responsible for creating new compliance policies, deleting old ones, and editing existing ones.

Compliance policies determine how users can communicate and interact with one another— or even who can interact with one another. You will often use these permissions to prevent confidential information from reaching the wrong people.

Example showing information barriers preventing communication between segments.
Credit to: Microsoft

The above diagram depicts two groups capable of communication with a third group, but not each other. The system prevents private information from slipping between the sister companies, although both relay relevant information to the parent company’s HR team. Your communication compliance administrator would establish such a system.

Communication compliance analyst

A communication compliance analyst is not responsible for monitoring your message’s content and thus cannot see it; however, a communication compliance analyst can instead examine your message’s metadata.

Metadata is “data that provides information about other data”, but not the content of the data, such as the text of a message or the image itself.

Wikipedia – Definition source

Communication compliance investigator

A communication compliance investigator can view your messages as well as their metadata. Should your message be flagged, compliance investigators can add the message to an e-discovery. Unless your messages are a source of legal concern, there’s no need to worry about that.

Because communication compliance investigators can examine both message content and metadata alike, they’re able to monitor your conversations more than anyone else.

What does message metadata tell my company in Teams

Metadata can detail when you sent messages, where you sent them from, who they were sent by, and who you sent them to. However, more technical information can also be logged, such as your message size. If you’re still unsure, imagine a shape; a shape possesses properties such as length, height, and sides which allow us to infer information about it.

Below is a list detailing the metadata your message may contain

  • message length
  • message author
  • message recipient
  • message timestamp
  • message geolocation (from IP)
  • attachments
    • attachment size
    • attachment file type
    • attachment link

Communication compliance analysts infer your usage of Teams from data within your messages. For instance, whom you chat with most, where you chat most, how much you chat during work hours, and what kind of files you distribute.

Despite what you may think, this is not something to fret about; many communication platforms worldwide store and take advantage of metadata. Data collection at this time is an inescapable drawback of technology’s growth— one which many dislike despite reaping its benefits. I’m talking about you: TikTok users.

What is e-discovery: Microsoft Teams

E-discovery or electronic discovery refers to identifying and collecting electronically stored information. Authorities can request such information during legal litigations or government investigations. Hence, admins may mark flagged messages of concern for e-discovery. However, this is unlikely to affect you unless you’re suspected of having committed or plan to commit a crime.

I advise keeping private information far away from conversations on work-controlled accounts. Whether you’ve got “nothing to hide” or not, we all take pleasure in knowing our private information is just that: private.

Blog post recap

Microsoft Teams Admin center contains three roles that influence communication within Teams and how businesses can monitor it. The communication compliance admin role can control policies that affect how users interact. Communication compliance analysts can infer usage statistics from metadata within the messages you send— they cannot view a message’s content. Communication compliance investigators can view message content and message metadata. Compliance investigators are additionally responsible for marking flagged messages for e-discovery.

Finally, a word of advice: don’t worry; communication monitoring exists for your protection above all else. Although I disapprove of using work accounts for personal conversations, I’d like to remind you that they’re unlikely to be snooped on unless you’ve behaved suspiciously.

You can access our related posts via the following links:

Recent Posts