It's technically possibly even without an addon as most content in a MySQL database isn't encrypted, but the only person that is going to be able to do this is the one who owns the server/host. It's a moral choice as to whether they do or not, but even if there was a reason then to be fair they have every right to given it's their site. Mod's and other admin's won't have access.
Although the legal aspect is quite different and it's subject to clauses etc. It's the same in your workplace with email. This is a little bit of an extreme explanation, but it's just to compliment the message.
If an electronic mail (e-mail) system is used at a company, the employer owns it and is allowed to review its contents. Messages sent within the company as well as those that are sent from your terminal to another company or from another company to you can be subject to monitoring by your employer. This includes web-based email accounts such as Yahoo and Hotmail as well as instant messages. The same holds true for voice mail systems. In general, employees should not assume that these activities are not being monitored and are private. Several workplace privacy court cases have been decided in the employer's favor.
If your employer intends to monitor emails or internet use, it should inform you it intends to do so. This could be done in your employment contract or employee handbook, or some other kind of workplace email policy.
The policy should:
- set out clearly the circumstances in which you may or may not use work email and internet for private communications;
- make clear the extent and type of private use that is allowed;
- explain why your employer monitors emails, the extent of the monitoring, and the means used;
- outline how the policy is enforced and the penalties you can expect if you breach the policy;
- inform you of the extent to which information about your internet access and emails is retained in the system and for how long.
However, the Regulation of Investigatory Powers Act 2000 prohibits intentional "interception" of emails without "lawful authority". As a general rule, this means employers cannot read an email without the consent of both the sender and recipient.
The Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000 lists a number of exceptions to this general rule, however, which include intercepting business emails to:
- ascertain regulatory compliance;
- detect unauthorised use; and
- prevent/detect criminal activity.
Your employer should confine itself to looking solely at the address/heading of your business emails unless it is absolutely essential for a valid and defined reason to examine the content (e.g., to prevent a crime). Moreover, to minimise intrusion, employers should as far as practicable utilise automated systems to monitor email.
If you are allowed to access your personal email account at work, your employer may monitor such emails only in exceptional circumstances (e.g., to investigate criminal activity).