Users are required to complete this reading before using the Gun Geo Marker Mark 1 App.
Anonymity, privacy and discretion
When marking any site, it is always the best policy to maintain as much discretion as you possibly can. Because the Gun Geo Marker Mark 1 only allows you to mark a site at which you are physically present, you must feel comfortable enough to stand in that actual location and operate the user interface, for perhaps up to a minute. If you don’t feel safe doing this discretely, then it is not feasible to mark the site and you should not attempt it.
The sign-on/login process with a unique Google Id (as in, your Google+ account or Google identity which may include multiple user accounts) is required to use the Walkingtools Gun Geo Marker, but the marks you place on the map are 100% anonymous and can not reasonably be traced back to the account or user placing the mark. The App does send uniquely identifiable information (encrypted) across a secure (SSL) connection. Our server caches that data for a short time: for only 24 hours after you have logged in, after which it is deleted. Longer term storage of any potentially uniquely identifiable information is hashed (scrambled) in such a way that it if the project were to receive an already unlikely subpoena (because First Amendment), any information the project would be able to provide would be useless in terms of revealing the identity of a person placing a mark. Further, the specific identifier that we encrypt (in an unrecoverable way) and store on our servers is itself an identifier that Google promises is obscure. In other words, even if someone could unscramble the encrypted (hashed or scrambled) key that we use to identify your subsequent visits, (a cryptography feat maybe only the National Security Agency could accomplish), they would be left with an obscured key that only Google could relate to any particular user. (You can make your own assessment about how willing you think Google might be to cooperate with some some legal troll on an already unlikely-to-succeed fishing expedition trying to reveal the identity of its customers.) Further, we flush the normal http server logs on a daily basis to further preserve your anonymity. Gun Geo Marker Mark 1 has layers of protection that are practically impossible to defeat.
Do be aware, however, that various aspects of the internet itself leave evidence of your activity behind, although this is typically unavailable to the public and is extremely difficult to piece together. Thus while your service provider (or our state security and surveillance apparatus, for example the NSA and FBI) might certainly be able to piece together *all* of your online activity including your use of this App, anyone else normally can not. (But your employer can possibly determine what URLs you are connecting to when using your workplace network, just fyi.) And be aware, of course, that installing and keeping the App on your phone is something that anyone with direct access to use your device might become aware of. Locking your mobile device with a password is a good way to protect your data in general, as is using this App only on your personally controlled devices.
The bottom line is that while our servers can recognize that a unique individual entity is visiting, the only traces that could possibly identify you are deleted within 24 hours of any use of the the App, after which you have have nearly pure anonymity. (Please see the Marking Guidelines section for other ways that people might theoretically come to know you marked a location, such as observing you physically standing at a site and marking the location, just for example.)
An important caveat
Any attempts to to hack or attack our servers voids any promises of privacy. Normal use of the the installed App can not be misconstrued as abuse. Intentional manipulation of the App, running it excessively on multiple devices under the same Google Id, or frequently installing and uninstalling the App might very well be construed as abuse. Any attempts to reverse compile or simulate the App, unauthorized presentation of credentials to our servers, or otherwise defeating the security measures by scanning, DoS, or cracking secure identity systems voids any promises of anonymity expressed in this privacy document, as well as potentially violates the Computer Fraud and Abuse act of 1986.
Be careful with the extra information you post.
It may be useful to bear in mind that any information you submit about the context of your marked sites of concern is of course shared with every person who uses the App somewhat near to the sites you have marked. You might inadvertently reveal or provide hints about who you are to any other anonymous users who might know you. For example, maybe someone knows your text or spelling habits, and perhaps the extra information you post about a site is information that would be known within your community in a way that identifies you to people who have some relation to site you have marked. Note that you do not have to provide any extra text info to mark a location, even though doing so is very useful to other users in determining the veracity of the site. Selecting a category of concern is the only requirement, and that much is probably generic enough to maintain your anonymity in most cases. And if the categories are of concern to you, simply use the “Other” category. And if marking sites feels precarious to you in any way, please don’t mark it at all. The App might still be of use to you for in understanding your neighborhood, even if you don’t contribute data.
Your Location Coordinates while using the App
The App needs permission to read your exact (“Fine”) location. When you submit a site for marking, the exact location of your mobile device (at the time a marker is sent across the internet, encrypted by ssl) will be stored in our database as a marked site. When you search for sites, your current location is also sent across the internet (encrypted by SSL), albeit it exists only in our server’s working memory, and only for mere milliseconds, never being stored.
The local scope of geolocation in the Walkingtools Gun Geo Marker
The software is designed specifically to be a local use tool. Users must be physically present in an area or neighborhood to either mark sites or view nearby markers that have been submitted by others. The Gun Geo Marker Mark 1 can only mark a location if you are physically standing on the actual spot, and once placed, markers can not be moved or removed. (Though a delete feature is planned for a future version, probably soon.) The software will also only allow you to browse sites that have been marked by others within a few miles of your current location. This is so that that (for example) parents or concerned citizens can examine potentially dangerous sites in their own local area. There is no way to use the tool to browse data on a larger geographic scale or without actually being in the area you are examining. (There is no “pinching” or “sweeping” to position the map to areas other than your actual location.)
All data is eventually and automatically removed from our servers after a period of time. This limited temporal scope is to protect against stale data.
Users are limited to marking exactly one site. One day after marking a site, the user can mark a different location, but this has the effect of erasing the first mark. This design feature avoids some of the gratuitous marking that earlier opponents of the project participated in (mostly out of ignorance and hyperbole), and is also the result of the author’s desire that the tool function more so in the hands of many users within communities of concern. I am considering an unlimited version of the software that might be provided free to confirmed non-profit organizations working for gun sense within their neighborhoods. Feel free to share your thoughts about this idea.
Finally, some copyright info
The software is a project of the Walkingtools.net Lab at UCSD and lab partner UNIFESP. Being a project of the lab, the copyright on the software is as follows:
Copyright (c) The Regents of the University of California.
All Rights Reserved.
This software program and documentation are copyrighted by The Regents of the University of California. The software program and documentation are supplied “as is”, without any accompanying services from The Regents. The Regents does not warrant that the operation of the program will be uninterrupted or error-free. The end-user understands that the program was developed for research purposes and is advised not to rely exclusively on the program for any reason.
IN NO EVENT SHALL THE UNIVERSITY OF CALIFORNIA BE LIABLE TO ANY PARTY FOR DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, INCLUDING LOST PROFITS, ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION, EVEN IF THE UNIVERSITY OF CALIFORNIA HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. THE UNIVERSITY OF CALIFORNIA SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE SOFTWARE PROVIDED HEREUNDER IS ON AN “AS IS” BASIS, AND THE UNIVERSITY OF CALIFORNIA HAS NO OBLIGATIONS TO PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.