diff --git a/src/applications/transactions/storage/PhabricatorApplicationTransaction.php b/src/applications/transactions/storage/PhabricatorApplicationTransaction.php
--- a/src/applications/transactions/storage/PhabricatorApplicationTransaction.php
+++ b/src/applications/transactions/storage/PhabricatorApplicationTransaction.php
@@ -1140,8 +1140,10 @@
   }
 
   public function describeAutomaticCapability($capability) {
-    // TODO: (T603) Exact policies are unclear here.
-    return null;
+    return pht(
+      'Transactions are visible to users that can see the object which was '.
+      'acted upon. Some transactions - in particular, comments - are '.
+      'editable by the transaction author.');
   }
 
 
diff --git a/src/applications/transactions/storage/PhabricatorApplicationTransactionComment.php b/src/applications/transactions/storage/PhabricatorApplicationTransactionComment.php
--- a/src/applications/transactions/storage/PhabricatorApplicationTransactionComment.php
+++ b/src/applications/transactions/storage/PhabricatorApplicationTransactionComment.php
@@ -143,8 +143,9 @@
   }
 
   public function describeAutomaticCapability($capability) {
-    // TODO: (T603) Policies are murky.
-    return null;
+    return pht(
+      'Comments are visible to users who can see the object which was '.
+      'commented on. Comments can be edited by their authors.');
   }