how to drop my info on APRS database
923 views
Skip to first unread message
JT Combs
Feb 5, 2021, 9:07:32 AM2/5/21
to aprs.fi
How do I drop all previous records of my track location from my callsign from the APRS database?
Lynn W Deffenbaugh (Mr)
Feb 5, 2021, 9:46:47 AM2/5/21
to apr...@googlegroups.com, JT Combs
Fast-forward a few years. They'll
eventually drop off over time.
Could you please delete my data from the service?
The data will be deleted automatically after 2 years. Some data will be deleted earlier.
Email communications can be easily forged, and I have no way of making sure you're really asking me to delete your data. Also, I do not have much time to manually respond to requests by individual users - there are tens of thousands of users who each have different kind of unique needs. Instead, I prefer to use my time to develop software features which benefit hundreds or thousands of users.
I won't be able to implement a software feature which would allow you to delete your APRS data, since that would allow anyone to delete data transmitted by someone else. There is no easy way to make sure you really are who you claim you are.
Amateur radio transmissions are defined to be in the public domain (by FCC rules in the US, and by respective legislation in most other countries, and I suppose, by international regulations). Anyone can receive them, and retransmit, publish or store them as they wish. If you do not wish your position to be published on the Internet, the only guaranteed way is not to transmit it.
Lynn (D) - KJ4ERJ - Author of APRSISCE
for Windows Mobile and Win32
On 2/4/2021 9:59 PM, JT Combs wrote:
How do I drop all previous records of my track location from my callsign from the APRS database? --
You received this message because you are subscribed to the Google Groups "aprs.fi" group.
To unsubscribe from this group and stop receiving emails from it, send an email to aprsfi+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/aprsfi/d4126764-d4da-4f01-9d83-bc21e6aa6223n%40googlegroups.com.
JT Combs
Feb 7, 2021, 2:38:31 PM2/7/21
to aprs.fi
total bullshit. The sensitive geolocation that appears is under rightful ownership of myself and in many countries I have the right to have public facing data deleted.. He can verify I am who I say I am just like APRS.DIRECT does it. If he such en expert programmer he can easily write the code necessary to automate the process and then we are not taking and of his "valuable time".
He is inflating the size of his database with two years of old data to make it appear more attractive to Googl Adwords. It is all about money. He has fallen right in with the Google con system YOU ARE THE PRODUCT. !!! Well I have some bad new fro Hekki, not everyone will put up with that bullshit. He go my geolocation throught the back door, I never gave him permission to use it. He got it by scraping it from DMR and Pi-Star.
Anyone with a large public facing thing like APRS.FI that has no contact form, no email, no way to request dropping of personally owned sensitive data is a scrum bag. He is hiding. Why is he hiding? People hide for a reason.
Heikki Hannikainen
Feb 7, 2021, 3:41:28 PM2/7/21
to aprs.fi
Hi,
Let me answer the points one by one.
I am not exactly hiding - if you'll read this discussion group, or some
other APRS related mailing list such as the APRSSIG, you'll find me
posting and answering questions here and there, with my name and email
visible. With the aprs.fi web site, I'm pointing users to post questions
here, so that the answers will also be public (not private and hidden),
and that others could learn from them. They'll also be archived and
hopefully others might find the answers to their questions from the group
archive without asking the same question again
(https://groups.google.com/g/aprsfi). Just take a quick look at the
archive, and then consider again if I am trying to hide. The group is
moderated so that off-topic posts don't get flooded here (there's a lot of
generic APRS questions coming in, and questions about APRS products from
vendors X and Y), but I do let critical posts through too, as long as
they're about aprs.fi itself.
I am not aware of how aprs.direct does the process, could you please
explain carefully how the user's identity and ownership of a callsign is
validated in a strong manner? Please do so without being rude at anyone.
Google will never know if the position archive has one, two or three years
of data, it isn't quite smart enough to dig that deep in the pull-down
menus of time ranges in the map data. I bumped the archive time from one
to two years when people were complaining their precious tracks were
getting deleted too early. Some people still complained, so I added the
export feature to download it.
aprs.fi does not "scrape" DMR or D-Star - that is simply incorrect. APRS
came first (25 years ago!), then the APRS-IS network (in the 90's I guess,
many years before I started doing anything with APRS), and some other
websites (findu.com, aprsworld.net, others?). I started working on aprs.fi
in 2006. Then, a few years ago, DMR came along, and some smart people
created gateways on the DMR network which push position data to the
APRS-IS. At this point I did nothing, the data just appeared on the
APRS-IS which aprs.fi gets the data feed from. DMR gateways (brandmeister
et al) are the active part here, converting data from DMR to APRS, for
users who choose to use the feature. Similar story for D-Star, but
happened earlier.
I *do* agree that it would be good if people could ask nicely and have
their data deleted from aprs.fi. I believe the GDPR requires this, and it
would also be really nice, correct and good. There are a few requirements
that would be necessary.
* People can't delete other people's data (just by saying "I am X, I want
to delete data of X"), as all sorts of abuse happens on a regular basis
and people would certainly delete data of others, and I don't want to
restore data from backups a lot.
* Ownership of callsign probably needs to be validated in a strong method.
Not just the fact that one is able to send some packets using callsign X
right now (easy to spoof), but the true identity of the visitor on the web
site (who the user is, as a person), and that the person is the rightful
owner of a callsign (or a representative of a club, or a custodian of a
repeater...).
* If this implies looking at documents such as photos of IDs, those are
actually very sensitive material, something that I wouldn't want to
request or handle at all. If they leaked accidentally, it'd be pretty bad.
The security requirements of such a system are quite different than of a
web site which by default publishes everything you send to it.
* One way to do slightly stronger authentication would be using ARRL LotW
certs, but it is a bit cumbersome and some people simply don't want to use
LotW for some reasons. I have suggested X.509 certificate use for APRS-IS
authentication and other amateur uses (TAPR Digital Communications
Conference 2013, Seattle WA, the video is on Youtube), but it hasn't
caught on and I haven't had time to push it forwards myself. It would
allow users to authenticate themselves *once* to some local authority
(ARRL or some other similar instance, or even a commercial entity) and
then aprs.fi and others could just trust certificates given by those
authorities.
One way to avoid strong identification would be to do some sort of
soft/shadow deletion, where an user can request deletion of data, and it
would be immediately hidden from sight, and marked for actual deletion
later (2 months? 3 months?). If it was deleted by someone else, the
rightful owner of the callsign could request bringing it back and it would
be fairly to simple to do so, just by making it visible again. At this
point it'd probably be necessary to do the strong authentication again,
but maybe it'd have to be done less often.
Some folks would probably want to have actual immediate real deletion, but
the GDPR is alright with this as a concept - for example, it doesn't
require systems operators to immediately burn all their backup tapes if
one user requires deletion of his data. There are some gotchas in there,
one must not accidentally restore data from backups which was requested to
be deleted for example. :)
I naturally agree I am an expert programmer (thank you!) but many things
take a lot of time to implement, some require a lot of manual processing
after all and are difficult to automate, and some things might not be
practical at all. Some sort of reasonable solution needs to be figured
out, and I welcome ideas. Especially those which do not involve manual
deciphering of foreign identity documents or amateur radio licences in
foreign languages.
>
>
- Hessu
Jean-Stéfane Bergeron
Feb 7, 2021, 4:21:31 PM2/7/21
to apr...@googlegroups.com
Thanks Heikki for taking the time to respond to this difficult question, made that much more difficult by the tone ...
For what's its worth, here are my suggestions on how to handle both the regulatory requirement and the personal information posted publicly by each operator -
I can't handle the specifics of each country's regulatory requirement, but I suspect this is become a thornier issue globally with increasing requirements for the data keeper. The last thing I want is to have a service like APRS-fi have to close because it is unable to comply to the privacy requirements.
Recognizing that each operator's APRS data is being posted publicly (we had to configure a radio to allow our call sign and geocode to be broadcast), I consider my APRS data to be in the public domain, and as such, I have accepted that it can be viewed, posted, even stored by anyone - that's the nature of the APRS data.
That said, I should be able to change my mind, and ask anyone who has been storing my data to delete of this data so they no longer have my APRS data. But, as you pointed out, authenticating the operator who's data it is will be challenging.
However, I really don't see any reason for this data to be stored and available for any length of time other than a few hours or days.
Yes, it is convenient for an operator to be able to retrieve their tracks from APRS but I don't believe it is the objective of service.
Should someone want to retrieve their own track, or the track of an object they have some relationship with (a weather balloon?) for the purposes of keeping or analyzing that information, they can or probably should use another solution than APRS.fi, etc.
I know I want to keep track of my travels and store that information both "locally" such as inside a GPS device, or using a "cloud" service, Garmin and Spotwalla in my case where the operator can comply with the regulatory requirement.
Maybe the solution is for APRS.fi not to retain the information beyond a set number of hours or days.
I would this helps the conversation.
J.S.
> https://groups.google.com/d/msgid/aprsfi/alpine.DEB.2.21.2102072153520.31640%40jazz2.he.fi.
>
For what's its worth, here are my suggestions on how to handle both the regulatory requirement and the personal information posted publicly by each operator -
I can't handle the specifics of each country's regulatory requirement, but I suspect this is become a thornier issue globally with increasing requirements for the data keeper. The last thing I want is to have a service like APRS-fi have to close because it is unable to comply to the privacy requirements.
Recognizing that each operator's APRS data is being posted publicly (we had to configure a radio to allow our call sign and geocode to be broadcast), I consider my APRS data to be in the public domain, and as such, I have accepted that it can be viewed, posted, even stored by anyone - that's the nature of the APRS data.
That said, I should be able to change my mind, and ask anyone who has been storing my data to delete of this data so they no longer have my APRS data. But, as you pointed out, authenticating the operator who's data it is will be challenging.
However, I really don't see any reason for this data to be stored and available for any length of time other than a few hours or days.
Yes, it is convenient for an operator to be able to retrieve their tracks from APRS but I don't believe it is the objective of service.
Should someone want to retrieve their own track, or the track of an object they have some relationship with (a weather balloon?) for the purposes of keeping or analyzing that information, they can or probably should use another solution than APRS.fi, etc.
I know I want to keep track of my travels and store that information both "locally" such as inside a GPS device, or using a "cloud" service, Garmin and Spotwalla in my case where the operator can comply with the regulatory requirement.
Maybe the solution is for APRS.fi not to retain the information beyond a set number of hours or days.
I would this helps the conversation.
J.S.
>
W D
Feb 8, 2021, 2:32:09 AM2/8/21
to aprs.fi
It is public record. Like someone taking a video of you in public. Don’t like it, then don’t transmit.
Heikki Hannikainen
Feb 8, 2021, 3:00:41 AM2/8/21
to apr...@googlegroups.com
On Sun, 7 Feb 2021, Jean-Stéfane Bergeron wrote:
> Recognizing that each operator's APRS data is being posted publicly (we
> had to configure a radio to allow our call sign and geocode to be
> broadcast), I consider my APRS data to be in the public domain, and as
> such, I have accepted that it can be viewed, posted, even stored by
> anyone - that's the nature of the APRS data.
That is a good starting point, as all of those positions will be published
> Recognizing that each operator's APRS data is being posted publicly (we
> had to configure a radio to allow our call sign and geocode to be
> broadcast), I consider my APRS data to be in the public domain, and as
> such, I have accepted that it can be viewed, posted, even stored by
> anyone - that's the nature of the APRS data.
on the APRS-IS, where anyone in the world can connect, get the full data
stream, and archive it, without anyone knowing it happened. aprs.fi is
just one public example, there are a couple of other web sites doing the
same, and I am sure there are a few people or organisations doing so
without publishing the data on a web site.
> However, I really don't see any reason for this data to be stored and
> available for any length of time other than a few hours or days.
>
> Yes, it is convenient for an operator to be able to retrieve their
> tracks from APRS but I don't believe it is the objective of service.
wanted to look at past data, because they realized the interest in it much
later. It has been an objective of the service. There are not many other
convenient tools to archive APRS tracks and look it up later. I'm not sure
if APRS client apps have such a feature, to record tracks of specific
stations and view them later. Lynn KJ4ERJ probably knows?
I guess one way to find out would be to hide historical data (past 1
month?) and measure the volume of the yelling here. :)
> Maybe the solution is for APRS.fi not to retain the information beyond a
> set number of hours or days.
technically, I'm afraid it would not fulfill the regulatory requirement.
If it is archived, there should be a way to delete it and take it down,
even if it is archived for a relatively short period.
One issue is that there are a lot of people getting APRS capable equipment
from vendors X and Y, DMR and D-Star radios even without realizing the
data will be ported to APRS. They may realize the worldwide publicity and
archival of the data much later. They don't get to read a privacy policy
or EULA document of APRS before they start using it. Maybe it'd help if
a simple "APRS privacy warning" document would exist, which could be
distributed by all APRS-capable vendors with their software and equipment.
The aprs.fi iOS app, which supports deletion of data from aprs.fi when the
data was uploaded by the app itself, gives the following warning when TNC
or APRS-IS beaconing is enabled:
"""
When transmitting positions using a TNC or over the APRS-IS, they will be
distributed worldwide on the APRS-IS network where anyone can monitor and
record them. The data is published and archived by multiple web sites.
While the aprs.fi app allows deletion of transmitted tracks from aprs.fi,
it may be difficult to remove them from other archives.
"""
Another idea that just now came to my mind would be a "time to live" APRS
extension, where the position data itself would specify a TTL after which
it could be deleted ("ttl=720d"). It'd be much heavier on my current
database which drops old data by partitions (single file on disk per time
range, which can be deleted quickly when the time comes). Again, it would
not fulfill the requirement since one should be able to change their mind
later, but it would allow requesting a longer or shorter archival time
than a default storage of 3 months, for example.
- Hessu
Jan Peterson
Feb 8, 2021, 8:47:38 AM2/8/21
to apr...@googlegroups.com
I found a few things interesting about this...
1. The user rages about Google, but is using a Gmail address.
2. ... requests deletion of his data, but fails to provide his callsign. Are you supposed to divine his call through arcane methods?
3. ... rages about his private data that he sent out over public airwaves. Did he not understand how his equipment worked?
"People, they're the worst." - Jerry Seinfeld
73 de KD7ZWV
-jan-
Heikki Hannikainen
Feb 8, 2021, 9:24:22 AM2/8/21
to apr...@googlegroups.com
On Mon, 8 Feb 2021, Jan Peterson wrote:
> 2. ... requests deletion of his data, but fails to provide his callsign. Are you supposed to divine his call through arcane
> methods?
I kind of understand not including a callsign here on the group. If one
> 2. ... requests deletion of his data, but fails to provide his callsign. Are you supposed to divine his call through arcane
> methods?
has published tracks unintentionally, without understanding that they will
be archived and public for quite a while, they probably don't want to
publish which data should be deleted, because there might be something to
hide and everyone would then go and see. Deletion requests should be kept
private.
> 3. ... rages about his private data that he sent out over public
> airwaves. Did he not understand how his equipment worked?
DMR radio, start publishing positions - you don't get a warning that the
DMR network may also convert the data to APRS format and that it will be
visible to anyone in the world, and will be archived by aprs.fi and
others, and nobody will know who else will be archiving it and what they
shall do with the data. Same goes for D-Star.
Maybe there should be some sort of privacy warning sticker attached to the
radio keypad, which you'd have to remove before turning on the radio. :)
I just checked the IC-9700 Advanced Instruction Manual for kicks. The
section about GPS operation, D-PRS transmissions etc, is 41 pages long,
but privacy or archival is not mentioned. Same thing for the TH-D74
manuals. It will probably be obvious that others who can hear your signal
will then receive the GPS tracks, but it is not obvious that it will be
published on the APRS-IS for anyone to archive, and that it will be
archived by aprs.fi and others.
As storage space is becoming cheaper, I'm assuming soon someone will be
recording and archiving all of the HF bands in I/Q format from an SDR, and
making a web service where you can listen to HF amateur transmissions
which happened on any amateur frequency last week. It's only a little
extension from the KiwiSDRs, just add storage and a little bit more CPU or
FPGA. It'll be really cool, but there will be som, um, customer feedback.
- Hessu
Reply all
Reply to author
Forward
0 new messages