Last week, Slack warned users of changes to its platform that make it easier for employers to access and download their employees’ data, including DMs and messages in private channels.

An email with the subject line, “We’re updating our Privacy Policy and tools,” links to a Slack Help Center article that says paying Slack customers can request access to download whatever they want, including the contents of DMs and “private” channels, without notifying employees.

With this update, Slack is killing its preexisting “compliance export” tool, which couldn’t download data retroactively, was only available to paying customers, and alerted users whose data was being exported.

Though workers in the US are familiar with laws that allow their employers to read emails sent from work accounts, the Slack update caught some users off guard, especially given that it coincided with news of Facebook’s Cambridge Analytica data collection scandal.

Some have argued that the new tool could be considered workplace surveillance, and might violate employment law if it makes workers feel they can’t openly discuss workplace conditions.

Not every Slack workspace owner can read DMs with impunity. The change doesn’t apply to Free and Standard Slack workspaces, where administrators need a legal reason to download workspace data; even with the higher-priced Plus and Enterprise Grid workspaces, administrators need to file a request to Slack to download it.

Once Slack approves data collection requests, companies that pay for Plus can download data via Slack’s export tool. Companies that pay for…