Make it harder to spy on people's DMs
There's apparently a checkbox ("Show private statuses", added in 12226047 ) that shows DMs in the admin FE. The potential for abuse is pretty obvious; I can't think of a reason to include it. The same commit appears to be the one where posts (regardless of visibility) are visible when they're reported, which is totally reasonable functionality. But "click here to invade privacy" seems like way too low a barrier, it practically encourages abuse.
I think the functionality should be removed, or at the very least it should automatically notify the user (even if the user is remote) when it is used.