Every sales department needs to have leads that can be viewed by other sales department employees for reasons such as a streamlined sales or customer service process in the event that the original sales employee is unavailable to assist. I'm sure everyone agrees.

For this reason, Zoho CRM has "Share data with peers" where User A of Sales department can see the leads of User B of the Sales department. What Zoho has done in this is something beyond understanding and makes you wonder what goes on with their "CRM design team". 

Just because you have share data with peers enabled, any user of the same role/profile can edit or delete someone else's notes as long as they belong to the same role/profile.

Am I the only one going crazy over this? This is a serious security breach!