... not exploiting existing ones, at least not intentionally. This is a requirement for places like financial firms that have to show there was no insider trading going on, so phone calls and messaging systems have to have full logs. Every other system is simply banned for compliance. So if Slack wants to be used in those companies, they have to have this capability.
Seems like a story of company expansion more than privacy being exploited, but of course, like others say, if it's not on your computer, don't assume that it's private.