Jörg DL1DLF has sent out the following email:
Hallo liebe Funkfreunde,
ich hoffe euch geht es gut.
Wie ihr sicherlich wisst, tritt zum 25.05. die EU-DSGVO in Kraft. Ich habe leider keine Zeit, und auch nicht das juristische und technische Wissen mich weiter mit dem Thema zu beschäftigen. Deswegen werde ich meine Webseite und die App nicht umbauen, sondern morgen abschalten. Ich hoffe auf euer Verständnis.
Ich würde mich freuen euch noch mal zu treffen, und auf die Berge zu wandern.
Schöne Grüße und 73 von
In short with the introduction of the new European Law for data protection and security on Friday of this week, Jörg has decided to close down his RRT web site.
I’m not sure if that only means no new versions of RRT or whether RRT talks to his website to get its data if the latter is the case, installed apps will stop working.
So what is a good alternative for an Android phone?
Compton, try sota spotter app. I reckon it is better than RRT.
Sad about RRT. Used to be my favourite so running it here on the last day for old times sake.
The one I use now Compton is VK port-a-log. I use it for all portable logging too. Highly recommended!
73, Gerard - VK2IO
I use Sota Spotter most times although RRT was handy for making sure one was at the summit or at least getting near.
The more laws the more colateral damage and useful things are lost to us.
Hi Compton, Christopf ON6ZQ keeps a good index to SOTA software for many platforms (PC and Phone) here: ON6ZQ | SOTA related software
As one of the many users of RRT I am saddened by the fact that Jörg has taken the decision to discontinue/close down RRT. Surely if the new European legislation has forced Jörg to take this action then other providers of similar EU based SOTA apps should also discontinue their services or make provision to work within the new law??
A comment from someone who has knowledge of the new European Legislation would be welcome as this new ruling is now very confusing.
73 Allan GW4VPX
Yes there is much debate and a lot of nonsense related to GDPR. Basically the new law says that when collecting personal data companies need to make it very clear what data they’re collecting and how they’re using it and to give the user full control over their data.
One use of personal data is email marketing. The avalanche of GDPR emails during the last weeks were trying to let you know what the new policy is and get you to agree on it. While in the past consent was implicit (if you don’t want our emails, unsubscribe) now GDPR requires explicit consent (if you want our emails, subscribe), but there are other legal basis for using personal data other than consent. For example, a company that sold you an FT-817 3 years ago might still email you about the new FT-818 even if they don’t have your explicit consent, on the basis of legitimate interest (we have legitimate reasons to think you might be interested in this). No matter what legal basis they use, they have to make it easy for the users to have their data removed (for example, unsubscribe from emails) if they want to.
There are many other uses for personal data (analytics, behavioural advertising, website optimisation, fulfilling orders, improving user experience, scanning for fraud etc) and some data can still be held on for a while even if you request to have it deleted.
I have been involved in the GDPR compliance process at my work place, but it’s mostly related to digital marketing. Not very familiar with how it affects apps, but the general principles should still apply. I’ve offered Jorg to host the RRT page and download on qrpblog.com and handle GDPR compliance.
Thanks Razavan for your input and offer of help to Jorg.
73 Allan GW4VPX
Just adding to what Razan has said, I heard from a UK AR club secretary that even they have to conform to the act, stating what data is being collected and how it is stored (encrypted is preferred) so as well as the large and not so large Internet marketting organisations, also not for profit organisations such as radio clubs will be hit with extra work (and costs).
I was at my family doctor’s practice yesterday and was asked to sign an agreement that they can keep my medical data. I’m surprised that that wasn’t covered previously under medical data regulations but even if it was it appears they have to request permission again under the GDPR.
Lots and lots of organisations, not just businesses are affected.
I wonder if all of this was triggered by Mr Sugar-mountain and similar companies exploits over the last couple of years?
some organisations are going the “better safe than sorry” route and they create a lot of unnecessary work for themselves. A medical practice won’t need to get permission to use your data for the purpose it was provided for before GDPR, but they need permission to use your data for other purposes (marketing, providing it to 3rd parties etc). The same with clubs, if they only use your data for club-related business (to let you know about upcoming club activities, your membership renewal etc), they won’t need members to sign a new agreement; letting users know what the new policy is is enough.
They will however have to implement the other requirements, like safeguarding user data, a system that retrieves and/or deletes user data at their request etc.
Thanks for the clarification Razan, you obviously have a deep evel of knowledge on the subject. Interestingly, the paper at the document specifically stated they wont use any of my data for marketing purposes nor pass it on to a third party. As you say, they’re probably being extra careful to conform.
I seem to recall that the sanction is up to 10% of turnover. That would be hard to impose for a free app.
Fines are up to £20M or 4% of turnover, whichever is greater
However, they can escalate to that only after other actions have been taken against the guilty party and they still haven’t complied. The first action can be as simple as a warning.
There’s a lot of nonsense told about GDPR. IANAL, but in the cases of membership lists for clubs, &c, this should be covered by legitimate interests. It is entirely possible that opt-in requests could themselves be illegal, in so far as if they need to request consent (to qualify for storage of your personal data under the consent part of GDPR) they probably didn’t have a basis for sending that message in the first place! Organisations are not allowed to send unsolicited opt-in requests under earlier legislation.
You can attempt to justify the flood of GDPR opt-in emails on the basis the companies believe they have opt-in consent or legitimate interest reasons but want to cover themselves by being able to show specific opt-in.
I get really annoyed by companies emailing me when they shouldn’t but I’m happy with the “please say yes” GDPR emails I’m receiving as I get to choose to opt-in or not.
I totally agree that the rash of emails is annoying. I have deleted three just today and several tens in recent weeks. The positive thing that should come out of this is that (hopefully) we should not be pestered by companies when you buy products from them.
In the case of Rucksack we are not making a purchase and we have voluntarily downloaded the app to be able to use it. If there is a requirement under GDPR for Jörg to submit to, then surely it is down to a failure on the part of the legislators. The net has been spread too widely. Let common sense prevail… oh sorry, I forgot, that left the planet in 1989.
You didn’t believe the GDPR angle did you?
The issue is not the regulation itself so much but rather the crazy over-interpretation of it. I have work emails back to 1987, carefully kept backed up over the decades by our hard-working tech staff. Probably going to have to blitz the lot in case I’ve got the odd telephone number in there!
You should try working for a US company… ruthless email deletion policy to comply with Sarbannes-Oxley.