I've heard this from FB employees before. Usage is logged against the employee record for audit purposes and can only be done from within their offices.
I can't remember if I'm thinking of FB or another service, but I seem to recall there even being multiple levels of impersonation, so employees masquerading as users for debugging purposes have to explicitly request write access or messages access, but I'm not 100% on that.
I can't remember if I'm thinking of FB or another service, but I seem to recall there even being multiple levels of impersonation, so employees masquerading as users for debugging purposes have to explicitly request write access or messages access, but I'm not 100% on that.