Jump to content

The effect of new private policy on challenge checkers


SheepOnTrip

Recommended Posts

New challenge caches today got to use a challenge checker through project-GC. But due to the recent changes in the private policy in geocaching.com, anyone who is marking the box of "Do not allow Authorized Developer applications to access my public profile information" can not use the challenge checkers anymore: they all act as if the user does not have any finds at all - even if you authenticate your user in project-gc specificaly. 

In some challenges it is quite difficult (even impossible) to see if you are qualified to get the cache without using the checker. 

Does geocaching.com aware to this change? Do they have any plan to arrange a different system to check challenges without forcing people to share their data with all "Authorized Developer applications" what so ever? 

  • Upvote 1
Link to comment

Ugh! Here is the end of CC's.  :drama:

 

If someone doesn't want to share their data, then they should go through whatever steps are necessary to prove they qualify for a challenge.  Honestly, it's not a requirement to claim a find on a challenge cache, so either agree to share your Find data or go through the steps to document that you qualify.  There isn't much PII in public profile info anyway.

  • Upvote 2
Link to comment

There is no obligation to use the checker to see if you qualify only that there's a checker available. If you don't want to share your info, fine, just check manually or use software on your own computer.

GDPR is all about choice and control over your personal data and sometimes not sharing data will have disadvantages.

 

 

  • Upvote 3
Link to comment
Quote

For cache pages published after April 21, 2015 with a challenge checker, the owner can confirm the finder's qualification with the checker when the cache is logged as found. No further documentation is required from the finder.

 

There is no such option that the finder should offer any proof but in this case it is the only solution to get the challenge accepted if the checker will not accept it.

  • Upvote 1
Link to comment

Interesting issue. I'm not sure what the documentation actually ended up saying, but the announcement of the challenge checker requirement and the subsequent discussion left me with the impression that a key reason for challenge checkers was to eliminate the possibility of any less concrete way to demonstrate satisfying the challenge. If they didn't actually require using the challenge checker, I'd consider it an oversight. Otherwise, anyone that wanted to could pick the same fight with the CO that GS intended to prevent.

 

I'm not clear on what happened, but it sounds like a simple tradeoff: if you want to check the box to disable the normal authorization process that allows you to check challenges, then you can't do challenges. Is that a big deal? It strikes me as exactly the same as not clicking "OK" when project-GC tries to authenticate itself to geocaching.com, and you've always been able to do that.

  • Upvote 2
Link to comment
36 minutes ago, dprovan said:

I'm not clear on what happened, but it sounds like a simple tradeoff: if you want to check the box to disable the normal authorization process that allows you to check challenges, then you can't do challenges.

 

Agreed, I think people need to realize that in order to even DO challenges your find history must be sent to the 3rd party. If you chose not to do that, then even regardless of the website's functionality, you've chosen on principle that challenge caches are not something you will do, because it shares your personal information.  It's a fundamental disconnect.

 

Now, alternatively, there could be an option either to explicitly download and send your information for checking to PGC, or an option to override the selection (with an agreement button) for that particular feature, or just put in fine print that the privacy toggle doesn't include the delivery of find history to PGC specifically.

 

Or just leave it as is and recognize that protecting your privacy means no sending of Finds to PGC, so no challenge caching :)

  • Upvote 2
Link to comment
3 hours ago, thebruce0 said:

Agreed, I think people need to realize that in order to even DO challenges your find history must be sent to the 3rd party.

I may be mistaken, but I'm pretty sure that using a Challenge Checker to prove qualifications is not required.  If a challenge says that I need to have X Trads, Y Unknowns, and Z Multis - then I could just attached a screenshot of my geocaching.com Statistics. No need to run a Challenge Checker.

Same thing for challenges with more 'complex' requirements.  If a cacher finds another way to show that they qualify, apart from using a challenge checker, then that is okay.

Link to comment
1 hour ago, noncentric said:

I may be mistaken, but I'm pretty sure that using a Challenge Checker to prove qualifications is not required.  If a challenge says that I need to have X Trads, Y Unknowns, and Z Multis - then I could just attached a screenshot of my geocaching.com Statistics. No need to run a Challenge Checker.

Same thing for challenges with more 'complex' requirements.  If a cacher finds another way to show that they qualify, apart from using a challenge checker, then that is okay.

 

The Help Centre currently says that, for post-moratorium challenge caches, the finder doesn't need to provide any documentation in their log to show that they qualify.

 

Quote

Challenge caches published after April 2015 are allowed to have ALRs, signing the log does not require further documentation.

 

This is expanded in the section on hiding a challenge cache where it says:

 

Quote

For cache pages published after April 21, 2015 with a challenge checker, the owner can confirm the finder's qualification with the checker when the cache is logged as found. No further documentation is required from the finder.

 

It's probably hypothetical, but where does a CO stand if a finder with a hidden profile logs a challenge cache without providing further documentation? Is the CO required to delete that log to fulfill his or her cache page maintenance responsibilities or must they let it stand under the "no further documentation is required from the finder" rule?

Link to comment
42 minutes ago, barefootjeff said:

It's probably hypothetical, but where does a CO stand if a finder with a hidden profile logs a challenge cache without providing further documentation? Is the CO required to delete that log to fulfill his or her cache page maintenance responsibilities or must they let it stand under the "no further documentation is required from the finder" rule?

Unfortunately, I'm afraid that this won't be purely hypothetical and some cache finders will complain to HQ if their CC Finds are deleted because they provide no proof of their qualifications and they don't allow PGC Challenge Checkers to validate them.

 

Hopefully, GS will revise the challenge cache page in the Help Center to further clarify things. The section you quoted says that the owner can confirm qualification with the checker, but that is not always the case. The block of text that says "no further documentation is required" should be predicated on the finder allowing challenge checkers to access their find data.

 

For example, change:  " For cache pages published after April 21, 2015 with a challenge checker, the owner can confirm the finder's qualification with the checker when the cache is logged as found. No further documentation is required from the finder. "

To this:  " For cache pages published after April 21, 2015 with a challenge checker, the owner can confirm the finder's qualification with the checker when the cache is logged as found. No further documentation is required from the finder, unless the finder does not allow Project-GC to access their find data. "

 

  • Upvote 1
Link to comment
12 minutes ago, noncentric said:

Unfortunately, I'm afraid that this won't be purely hypothetical and some cache finders will complain to HQ if their CC Finds are deleted because they provide no proof of their qualifications and they don't allow PGC Challenge Checkers to validate them.

 

Hopefully, GS will revise the challenge cache page in the Help Center to further clarify things. The section you quoted says that the owner can confirm qualification with the checker, but that is not always the case. The block of text that says "no further documentation is required" should be predicated on the finder allowing challenge checkers to access their find data.

 

For example, change:  " For cache pages published after April 21, 2015 with a challenge checker, the owner can confirm the finder's qualification with the checker when the cache is logged as found. No further documentation is required from the finder. "

To this:  " For cache pages published after April 21, 2015 with a challenge checker, the owner can confirm the finder's qualification with the checker when the cache is logged as found. No further documentation is required from the finder, unless the finder does not allow Project-GC to access their find data. "

 

 

I agree, this is the implication, exactly. And one of possible solution, maybe the best compromise.

The other one is - if you do not allow Authorized Developer applications to access your public profile information, you can't do CC's anymore.

Link to comment
15 minutes ago, FitReviewer said:

The other one is - if you do not allow Authorized Developer applications to access your public profile information, you can't do CC's anymore.

 

That's perfect Vulcan logic. <_< Of course, some want it all, hide their stats and log CC's without the CO being able to check if they qualify.

 

Link to comment

I used to think that (new) challenges may only be based on logs (more specifically on log type/date) and cache data (country, D, T, cache type, cache size, attributes, hidden date, number or favorite points etc.) and nothing else (with some exceptions - informations that are not included in geocache listings but derived from coordinates in listing like county and elevation). 

 

"You can opt out of having your public profile information shared with other users in our API Authorized Developers websites and applications by opting out in the Preferences tab of your Account Settings. Please note that even if you opt-out, your logs (including log photos) for geocaches and trackables will continue to be viewable in the context of the log history for a particular geocache or trackable. If you wish to stop sharing these logs, you must delete them from your account."

 

Doesn't the challenge checker system collect geocache listings - or at least the informations possibly necessary for challenge caches - like country, D, T, cache type, cache size, attributes, hidden date, number or favorite points etc. - and of the logs associated to the listings at least the log type, that is 'found it' or 'attended' and the date for challenge checker purposes into a database? And then is building the find list from that data, without any need for looking at 'pubilc profile information' or elsewhere?

 

If you could opt out of that system too you should also not be allowed to log challenge caches as finds if the owner can't verify easily (or not at all for more complicated tasks) whether you qualify for the challenge. You can't hide everthing and claim whatever you want at the same time.

 

On the other side it might become difficult to prove (if a reviewer asks for it) that the required number of local cachers fulfil the challenge already before publish, if too many opt out of the system.

 

And I agree, without means to verify whether the requirements are met then having challenge caches at all is merely obsolete.

Link to comment
34 minutes ago, AnnaMoritz said:

Doesn't the challenge checker system collect geocache listings - or at least the informations possibly necessary for challenge caches - like country, D, T, cache type, cache size, attributes, hidden date, number or favorite points etc. - and of the logs associated to the listings at least the log type, that is 'found it' or 'attended' and the date for challenge checker purposes into a database? And then is building the find list from that data, without any need for looking at 'pubilc profile information' or elsewhere?

 

I suppose in theory it could do that, but it would have to look through all the logs on every potentially qualifying cache to see if the cacher being queried found (or attended) that cache, and since for some challenges the list of qualifying caches could be quite dynamic (D, T, size, attributes and FPs can all change at a whim), it could potentially have to search through every cache that's ever existed to create a current list of qualifying caches. Far simpler and far less processing-intensive to look through the cacher's finds and see which of those are qualifying caches, but that approach is blocked if the list of finds in the profile is hidden.

Link to comment

I don't know, but I don't think that challenge checkers are served by live-API. Why else would there be a 24-48 hour timespan have to be announced between logging on gc.com and the logs showing up in project-gc if logs (or extraced information like log typ and log date) were retrieved by life-API when you push a challenge checker button?

 

Edited by AnnaMoritz
Link to comment

As a challenge cache owner, I'm not seeing an issue here.  My understanding is that Project-GC, as an authorized Geocaching Live! API partner, retrieves everyone's logs from the Geocaching.com database via the API.  I can run a challenge checker on a member who was banned from Geocaching.com prior to the launch of Project-GC, and his statistics show up perfectly.  So does his progress on the challenge caches I own.  There is zero chance that this banned member ever authenticated at Project-GC with his Geocaching.com credentials.

 

The challenge checker is there, in part, so that I can very whether the finder actually completed the challenge requirements.  On a post-moratorium challenge, I use the checker because I cannot require the finder to post a bookmark list, a GSAK screenshot, or other proof of qualification.

Edited by The Leprechauns
Link to comment

That was before GDPR. Everyone's logs where imported by project-gc. If a cacher now decides not to share his/her data with 3rd party sites or apps his/her user ID is reported as "zero" and no info is transferred to project-gc anymore. I'm not sure about data already transferred (although it should be deleted from the 3rd party databases) but at least  no new data is added.

If project-gc would still be able to get logs they would violate GDPR laws and being Swedish they certainly wouldn't want to do that. ;)

 

Link to comment
3 hours ago, barefootjeff said:

it would have to look through all the logs on every potentially qualifying cache to see if the cacher being queried found (or attended) that cache, and since for some challenges the list of qualifying caches could be quite dynamic (D, T, size, attributes and FPs can all change at a whim), it could potentially have to search through every cache that's ever existed to create a current list of qualifying caches. Far simpler and far less processing-intensive to look through the cacher's finds and see which of those are qualifying caches, but that approach is blocked if the list of finds in the profile is hidden.

 

I'd think that given the 3rd party already has publicly available logs, they could just do a search for logs by that user - that's not the same as specifically retrieving that user's collected data. So it wouldn't be hard to provide stats based on -- publicly accessible data.  The problem is, if there are any relevant caches that aren't in their data then the user's stats will be incorrect (and they wouldn't know which caches to retrieve to get updated data). So it would depend on how the 3rd party handles archived caches, or caches that haven't yet been retrieved  to their system, or caches that haven't been updated since the user logged them.

 

Essentially, a 'private' user's statistics would be unreliable, if the 3rd party is disallowed from reitreving that user's complete and current find history.

Link to comment
9 hours ago, noncentric said:

I may be mistaken, but I'm pretty sure that using a Challenge Checker to prove qualifications is not required. 

 

Remember this guideline: "the owner can confirm the finder's qualification with the checker when the cache is logged as found"

When the owner does what the owner must do, the owner gets "not qualified" result and deletes the Found it log. There is just a  voluntary option to allow logs with other proof but it is not mandatory for the CO, just an option. If there is a dispute about qualification the checker wins.

Link to comment
2 hours ago, The Leprechauns said:

As a challenge cache owner, I'm not seeing an issue here.  My understanding is that Project-GC, as an authorized Geocaching Live! API partner, retrieves everyone's logs from the Geocaching.com database via the API.  I can run a challenge checker on a member who was banned from Geocaching.com prior to the launch of Project-GC, and his statistics show up perfectly.  So does his progress on the challenge caches I own.  There is zero chance that this banned member ever authenticated at Project-GC with his Geocaching.com credentials.

Has anybody tested this new policy to see the effect?

 

If not, I propose a test. Cacher A, who has qualified for a particular challenge cache with a Project-GC checker, goes into his account and changes his privacy setting prohibiting third parties from accessing profile info. Then, Cacher B, goes to the Project-GC checker and runs it on Cacher A, who we already know qualifies, to see if the checker still works on him.

Link to comment

If privacy is that much of a concern, there's no need to log finds on caches anymore.  Just keep a private tally and add finds to the Ignore List to get them off the map.

 

Otherwise, I don't think it doesn't make that much sense for someone to log geocaches, knowing that all finds are publicly displayed on one's profile, and then turn around and insist on some nebulous right to privacy when opting to log a challenge cache.

 

I idly wonder whether there are any non-logging cachers that have also privately completed challenges as well.  Easy enough if the coordinates are openly displayed, but it'd be an interesting email exchange for those older, grandfathered challenge caches with bogus coordinates, such as the Virginia Delorme Challenge, the location of which is still nowhere near the posted coordinates.

Edited by hzoi
  • Upvote 1
Link to comment
1 minute ago, Team Christiansen said:

If not, I propose a test. Cacher A, who has qualified for a particular challenge cache with a Project-GC checker, goes into his account and changes his privacy setting prohibiting third parties from accessing profile info. Then, Cacher B, goes to the Project-GC checker and runs it on Cacher A, who we already know qualifies, to see if the checker still works on him.

If the test doesn't work, we then have a concern about challenge cache owners being able to verify the cachers' finds. If it does work, then Inigo Montoya can say, "I don't think that means what you think it means." :P

Link to comment

The only time I allow Project GC access to my information is when I need to generate proof for a challenge cache. I get what I need, then turn it back off.

 

I really think  Groundspeak needs to edit the rules on the Challenge Caches, so that if you do not allow Project GC access (like me), then the burden is on you to prove you met the requirements of the challenge cache.

 

I always prove it, one way or another.

 

But I don't think anyone who denies access shouldn't be allowed to do challenge caches. I just think the burden of proof is (should be) on them if they choose this.

Edited by Max and 99
spelling
  • Upvote 1
Link to comment
1 hour ago, Max and 99 said:

But I don't think anyone who denies access shouldn't be allowed to do challenge caches. I just think the burden of proof is (should be) on them if they choose this.

 

That's fine, so long as you acknowledge the challenge cache owner's right to delete your log because you've affirmatively acted to remove the CO's ability to easily validate your qualifications.

 

If I owned a simple challenge, like "Find 200 Mystery Caches," I would likely click on your profile link to confirm you met the requirements.  But, for my Pennsylvania All Counties Challenge, I'm not about to verify your list of finds to make sure they cover all 67 Pennsylvania counties, when there is an automated checker to do that work for me.  It would be my right to delete your log.

  • Upvote 2
Link to comment
27 minutes ago, The Leprechauns said:

 

That's fine, so long as you acknowledge the challenge cache owner's right to delete your log because you've affirmatively acted to remove the CO's ability to easily validate your qualifications.

 

If I owned a simple challenge, like "Find 200 Mystery Caches," I would likely click on your profile link to confirm you met the requirements.  But, for my Pennsylvania All Counties Challenge, I'm not about to verify your list of finds to make sure they cover all 67 Pennsylvania counties, when there is an automated checker to do that work for me.  It would be my right to delete your log.

I completely disagree.  As I said, IF I deny access, then I think the burden of proof is on ME. How can you possibly have an issue with that?  Meaning: I provide the proof I met the challenge requirements.

Link to comment
Just now, Max and 99 said:

How did we ever manage with Challenge Caches before the checkers? 

I thought we managed just fine, but there was a group of cachers that complained about having to "do work" to prove they qualified. I suppose those same complainers expect most things in this world to be instantaneous and solved with the press of a button?  Ugh!

  • Upvote 4
Link to comment
3 hours ago, noncentric said:

I thought we managed just fine, but there was a group of cachers that complained about having to "do work" to prove they qualified. I suppose those same complainers expect most things in this world to be instantaneous and solved with the press of a button?  Ugh!

Exactly my point!  

Link to comment
13 hours ago, hzoi said:

I idly wonder whether there are any non-logging cachers that have also privately completed challenges as well.  Easy enough if the coordinates are openly displayed,

 

I assume that any non-logging cachers would go and find challenge caches, signing them in, and treating them just like any other caches. No need to 'check' anything, no stats to check. They could run the check themselves if they really want to, but nothing is stopping them from marking it found in their own personal records :)

 

 

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...