At the moment it's not clear who has access to what on the server and the chat. The most sensitive information I can think of at the moment: private messages and IP addresses/access times.
It's also not clear what admins can, or should, do.
I'm assuming this will overlap with GDPR work.
Outline levels of access, and who has them.
Document it.
Closed: outdated
Web chat
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.