Jump to content
Sign in to follow this  
Followers 5
10011010

Audit Log

Recommended Posts

15 minutes ago, IceColdUK said:

This could be addressed, but I don’t see how the fundamental flaw, i.e. it’s inaccuracy, can be resolved.

It accurately reflects when a user looks at the cache page through the website. The fact that there are other ways to look at a cache page makes the feature limited, not flawed.

 

20 minutes ago, IceColdUK said:

If there was a vote, and I also take into 

account my ‘paranoid’ unease and niraD’s valid privacy concerns then I’d vote ‘3’.

For me to vote for taking a feature away from people that find it useful, I'd need better justification then just my feelings.

 

(I'm not paying attention to the privacy laws in this context: if they're relevant, we won't be voting on what happens.)

  • Upvote 1

Share this post


Link to post
16 minutes ago, dprovan said:

It accurately reflects when a user looks at the cache page through the website. The fact that there are other ways to look at a cache page makes the feature limited, not flawed.

 

Unless a user downloads all caches in an area using c:geo in which case they ‘visit’ every cache page.  Not a defect in Groundspeak’s implementation, but I’d still call it a flaw.

 

Quote

For me to vote for taking a feature away from people that find it useful, I'd need better justification then just my feelings.

 

You find it useful; I find it intrusive.  Maybe with the exception of my vote comment above, I’ve only really been expressing a preference: I’d rather there wasn’t an audit log.  I’m sure I’m in the minority, but I don’t expect a vote anyway.

  • Upvote 3

Share this post


Link to post
36 minutes ago, IceColdUK said:

You find it useful; I find it intrusive.

I'm trying to work out the right answer, not just the one I like the best. You find it intrusive. I ignore it. You would take it away from anyone that finds it useful. I'd rather GS spend its time doing more interesting things. Does that sum up our conversation?

Share this post


Link to post
30 minutes ago, dprovan said:

I'm trying to work out the right answer, not just the one I like the best. You find it intrusive. I ignore it. You would take it away from anyone that finds it useful. I'd rather GS spend its time doing more interesting things. Does that sum up our conversation?

 

Not quite.  I'd rather they take it away, than spend time trying to improve / fix it - which was what the OP was suggesting.

 

Adding: I can live with the status quo.

 

Edited by IceColdUK
Grammar!

Share this post


Link to post
1 hour ago, IceColdUK said:

I’m sure I’m in the minority

 

I say this with some confidence because...

 

Having seen the various opinions on this thread, and discussed it with a couple of friends in the pub last weekend, I was keen to find out the views of a wider audience, so I put up a poll on the Geocaching UK Facebook page.

 

I'm no market researcher, so nothing too scientific here!  I tried not to betray my own feelings with the questions, but was accused of failing spectacularly!  You can make up your own minds.  FB isn't really set up for asking two questions on a single poll, so some people clearly only gave an answer to one of the questions.  (It's also possible that some gave two answers to the same question.)

 

The poll has only been up for 10 hours, but I've had well over 100 responses, and it's generated a fair bit of interesting discussion.

 

So here's the FB post, with the questions, answers and responses...

 

-----

Following up on a discussion in the Geocaching Forums, I'm interested in people's opinions about the PMO cache audit log.

 

For those that don't know, the CO of a 'Premium Member Only' cache has access to a log that shows all visits to their cache page. Only visits via the website are recorded; access via the API (e.g. using the official or partner Apps, or third party tools, such as GSAK) or Pocket Queries is not recorded.

 

https://www.geocaching.com/help/index.php?pg=kb.chapter&id=38&pgid=122

 

The poll has two questions, each with three possible answers - 1. Did you know about the feature? 2. Are you happy for a CO to see your visits to their cache page - so please select one answer for each question.

 

Please feel free to expand on your feelings and experiences in the Comments. Thanks. 🙂

 

1. Did you know about the feature? (114 responses)
   - I did not know about the feature: 39%
   - I know about the feature, and I make use of it: 54%
   - I know about the feature, but I don't make use it: 7%

 

2. Are you happy for a CO to see your visits to their cache page? (129 responses)
   - I'm happy for a CO to see my visits to their cache page: 77%
   - I don't care whether or not a CO can see my visits to their cache page: 17%
   - I would rather a CO wasn't able to see my visits to their cache page: 6%

 

-----

A few things that caught my eye:

- Almost 40% of those that replied weren't aware of the functionality.  That was a little higher than I expected.

- I had thought that people unaware of the log, might instinctively be unhappy about it when they realised their visits were being logged.  This clearly wasn't the case.

- Overwhelmingly, I am in the minority: 94% of cachers have no problem with the audit log, and 89% of those that know about it, are using it!

 

Edited by IceColdUK

Share this post


Link to post
29 minutes ago, IceColdUK said:

Overwhelmingly, I am in the minority: 94% of cachers have no problem with the audit log, and 89% of those that know about it, are using it!

 

It was quite obvius because you used Facebook as a platform for your poll. :D

  • Upvote 2

Share this post


Link to post
6 minutes ago, arisoft said:

 

It was quite obvius because you used Facebook as a platform for your poll. :D

 

Fair point! 👍  This is why I’m not a market researcher!

 

Edited by IceColdUK

Share this post


Link to post

By the way, have you ever thought that the cache page is a property of the cache owner. If the owner wants to know who is visiting on the page you have no way to deny this right. There is no law that entitles anonymous web browsing.

Edited by arisoft

Share this post


Link to post

Thanks for the poll. Very interesting.

 

7 hours ago, IceColdUK said:

- Almost 40% of those that replied weren't aware of the functionality.  That was a little higher than I expected. 

Wow, 40% is way lower than I expected. I would have said 90% had no idea there was an audit log. The only way I can even believe the 40% number is because many people who had completely forgotten about it were reminded by the question, and hence answered that they were aware of it even though they wouldn't have come up with it if, for example, you'd asked some less leading question like "What are the features of PMO caches?"

 

7 hours ago, IceColdUK said:

- Overwhelmingly, I am in the minority: 94% of cachers have no problem with the audit log, and 89% of those that know about it, are using it!

I have to admit, I'm shocked by the 89% number, too. I have to wonder how many of them are like me: I don't use the feature in any significant way, but I've poked around at it to see what it shows me, so I might feel like I had to answer the question "yes" even though I wouldn't even notice if the feature went away.

  • Upvote 1

Share this post


Link to post

Is it possible that anonymous answers would be different? People are sometimes reluctant to admit publicly that they did not know about something. 

 

I'm not using it mostly because I try to keep my caches for all the players. Only temporarily for PM.

 

Back to original proposal, no problem to vote for it. But I won't be missing the feature if it would be gone too. 

Share this post


Link to post
10 hours ago, IceColdUK said:

 - I know about the feature, but I don't make use it: 7%

 

That figure surprises me, as I've known about the audit log pretty much since I joined up (I'm one of those people who reads every bit of documentation I can get my hands on when starting something new, comes from being an engineer I suppose) but have never used it or even seen what it looks like as I've never owned any PMO caches. With the small number of finds most of my caches get, there's not much incentive to try to reduce that further by restricting access.

Share this post


Link to post

I'm not particularly a fan of the Audit Log feature at all to be honest. I suppose my general distrust of all things 'tracky' is what's behind my dislike of it. I know as a PM CO myself with a few PM only caches,  I could use it if I wanted to but I can't say I've ever felt the need to snoop on those who view my cache pages. I only ever had PM only caches to stop ammo can theft

 

 I don't think I want it extended to all caches owned by anyone who is a PM. I'd be happy to see my membership fee be spent on more useful features and to get rid of audit logs all together.

  • Upvote 3

Share this post


Link to post
On 12/14/2018 at 10:44 PM, dprovan said:

Wow, 40% is way lower than I expected. I would have said 90% had no idea there was an audit log. The only way I can even believe the 40% number is because many people who had completely forgotten about it were reminded by the question, and hence answered that they were aware of it even though they wouldn't have come up with it if, for example, you'd asked some less leading question like "What are the features of PMO caches?"

Well, 54% said they were aware and "make use of it" - so it doesn't sound like they were reminded about the feature by the question.  If they were only aware of it because of the poll question, then I'd expect them to have selected the "I know about the feature, but I don't make use it" choice - which was only 7%.

 

I think it might be more interesting to see how the answers would be if split between Basic and Premium members.  I'd wager that Premium Members are more aware of the audit log than Basic Members, especially if those PM's own PMO caches.

Share this post


Link to post
2 hours ago, noncentric said:

Well, 54% said they were aware and "make use of it" - so it doesn't sound like they were reminded about the feature by the question.

I can't argue with you, but I can easily see myself responding like that. The only reason I've used the audit log this year is because of this thread. But, still, if I'd have taken your poll without having read this thread, I likely would have said, "Oh, yeah, the audit log," and then felt it was accurate to say I knew about it and used it even though I haven't given it a thought in years. I admit, I have no idea if I'm atypical, but I can easily imagine many people in the same boat.

  • Upvote 1

Share this post


Link to post

Audit logs ,

I made all my cache's PMO , so that I could use this function ..

my question is , why , isn't every viewer of a cache recorded ?

 

as it would appear that cacher's viewing our cache's via a photo app don't show up either ..

 

locale we had a spate of cache's being stolen , BUT even with the names in the audit log , GS wouldn't help , to identify the user . 

 

PLEASE make all views of all cache visual to the CO   

Share this post


Link to post
28 minutes ago, little-leggs said:

my question is , why , isn't every viewer of a cache recorded ?

 

As discussed above, what constitutes a ‘view’?  For example, if the cache is downloaded (along with 1000 other caches) in a Pocket Query, is this a ‘view’? When the App-that-must-not-be-named screen scrapes the cache page for every cache on its map, should these ‘views’ be excluded?

  • Upvote 1

Share this post


Link to post
2 hours ago, IceColdUK said:

 

As discussed above, what constitutes a ‘view’?  For example, if the cache is downloaded (along with 1000 other caches) in a Pocket Query, is this a ‘view’? When the App-that-must-not-be-named screen scrapes the cache page for every cache on its map, should these ‘views’ be excluded?

 

Therein lies the issue with the app-that-must-not-be-named.  A PQ obtains a list of caches from the database so the inclusion of a cache in PQ results would not result in a "view".  That app makes a programmatic http request for the cache page and intentionally spoofs the request header to make it appear that the request is coming from a browser which prevents GS from excluding those "views".   

Share this post


Link to post
10 hours ago, little-leggs said:

Audit logs ,

I made all my cache's PMO , so that I could use this function ..

my question is , why , isn't every viewer of a cache recorded ?

as it would appear that cacher's viewing our cache's via a photo app don't show up either ..

 

locale we had a spate of cache's being stolen , BUT even with the names in the audit log , GS wouldn't help , to identify the user .  

 

Why is a good question for Geocaching HQ in an email.     :)

I understand that as long as one doesn't log into the site for info,  it's not in the audit.

Besides using a phone, there's PQs and bookmarks too.

 

Were the "stolen" local caches pmo as well? 

We noted for years that simply  paying for premium membership doesn't make one more knowledgeable or trustworthy.    :D

Many of our biggest known thieves and trackable hoarders were premium members.

Other than a witness or camera, there's no real way to tell who a "thief" is, "names in the audit" proving nothing.

 - Of course Groundspeak wouldn't help to harass members...

  • Upvote 1

Share this post


Link to post
13 hours ago, little-leggs said:

locale we had a spate of cache's being stolen , BUT even with the names in the audit log , GS wouldn't help , to identify the user .

Did you assume that the most recent viewer of the cache was the thief?  That seems like quite an assumption. It could've been someone that found the cache months ago and came back to the spot to take it, even though dozens of non-thief cachers viewed the cache page in the meantime. Or, it could've been a muggle that never viewed the cache page at all.

 

Assuming that a recent name in the audit log is a thief and accusing them of stealing your cache is exactly why some cachers don't want to show up on audit logs. It's not because they're thieves, but because they don't want to be weongly accused.

  • Upvote 4
  • Helpful 2

Share this post


Link to post
3 minutes ago, noncentric said:

Did you assume that the most recent viewer of the cache was the thief?  That seems like quite an assumption. It could've been someone that found the cache months ago and came back to the spot to take it, even though dozens of non-thief cachers viewed the cache page in the meantime. Or, it could've been a muggle that never viewed the cache page at all.

 

Assuming that a recent name in the audit log is a thief and accusing them of stealing your cache is exactly why some cachers don't want to show up on audit logs. It's not because they're thieves, but because they don't want to be weongly accused.

Well said!!

Share this post


Link to post
9 minutes ago, noncentric said:

Assuming that a recent name in the audit log is a thief and accusing them of stealing your cache is exactly why some cachers don't want to show up on audit logs. It's not because they're thieves, but because they don't want to be weongly accused.

This right here is one of the reasons why opponents of the audit log are opposed to it. The audit log is simply not intended nor suitable for tracking down a cache thief, but that doesn't stop some people from becoming a vigilante and unjustly attacking innocent cachers.

  • Upvote 2
  • Helpful 2

Share this post


Link to post
23 hours ago, cerberus1 said:

 

Were the "stolen" local caches pmo as well? 

YES .
and  the random log in's were PM too 

NO find 

NO hids

only looked at the ( missing ) perceived stolen cache's 

 

all a bit suspicious ,  I think 

 

GS said " there nothing they could do about it "

 

Share this post


Link to post
19 hours ago, noncentric said:

Did you assume that the most recent viewer of the cache was the thief?  That seems like quite an assumption. It could've been someone that found the cache months ago and came back to the spot to take it, even though dozens of non-thief cachers viewed the cache page in the meantime. Or, it could've been a muggle that never viewed the cache page at all.

 

Assuming that a recent name in the audit log is a thief and accusing them of stealing your cache is exactly why some cachers don't want to show up on audit logs. It's not because they're thieves, but because they don't want to be weongly accused.

 

It wasn't the last name in the audit log , that we suspected of the ( missing ) perceived stolen cache's , the name we suspected had NO finds NO hides and only appeared in the audit logs of the missing cache's

 

Share this post


Link to post

I think the word I'm looking for is -

 

TRANSPARENCY

 

if you have nothing to hid , you have nothing to worry about 

 

our , log in paints a picture , what we've found , what we haven't ( if your an Honest logger ) and what you've been looking at for your next trip out ? 

Share this post


Link to post
1 hour ago, little-leggs said:

I think the word I'm looking for is -

TRANSPARENCY

if you have nothing to hid , you have nothing to worry about 

our , log in paints a picture , what we've found , what we haven't ( if your an Honest logger ) and what you've been looking at for your next trip out ? 

 

We heard government officials saying this when they first came out with street cameras on every corner. 

Now many question who else is seeing that, after hearing reports (and seeing it in the movies) -  Big Brother stuff.     

"Trust me" they say...    :)

Windows have curtains.   Bathrooms have doors.  Privacy is a basic in human nature.

 

Sorry, but (to me) you may be confusing "transparency" with accountability (if tracking down your cache thief is still the issue...).

There's numerous posts explaining how that can't be proven true  by a visit to a cache page ...

 

 

 

  • Upvote 2

Share this post


Link to post
4 hours ago, little-leggs said:

 

if you have nothing to hid , you have nothing to worry about 

2


What's your geocaching account password? 

 

 

  • Upvote 2
  • Funny 3
  • Surprised 1

Share this post


Link to post

I'm against the audit log because of privacy concerns. I'm against the fact the data is logged and apparently kept in perpetuity, data that includes my geocaching ID. People ask, what's the big deal? My issue is with how the data is used, might be used, or mis-used. The current audit log feature seems innocuous. But what if GS expands the use of the data? Or, the data is stolen? Or subpoenaed? 

 

Just imagine...

 

"We noticed that you looked at cache GCxxxxx. Other cachers have also looked at GCyyyy, GCzzzz and GCaa."

"Based on your cache viewing history, here are some other caches you might like..."

"Hey, that guy is looking at caches in Bermuda. Maybe his house is empty, and we can go rob it."

"Hello, this is Officer Joe. We noticed that you looked at a cache that was near a house that was broken into. Can you tell me where you were the night of ..."

 

Some call me crazy, others know me as a professional paranoid. These may be extreme examples, but sometimes when you take things to the extreme, it points out issues with the idea.

  • Upvote 3
  • Funny 1

Share this post


Link to post
12 hours ago, Wet Pancake Touring Club said:

"Hello, this is Officer Joe. We noticed that you looked at a cache that was near a house that was broken into. Can you tell me where you were the night of ..."

 

This actually happened to me, but in a slightly different manner.  There is an unsolved double murder that occurred off a hiking/biking/rails to trails path.  I had cached the area two months before the crime and actually walked right past the future crime scene area on my way to the cache I had targeted.  I got a call from our local police department, on behalf of the authorities that were coordinating the investigation, and was interviewed about my trip up there and then where I was around the dates the murders occurred.  I was nowhere near the area during that time so wasn't concerned but I fully understood the reason for them calling me in.  It wasn't because of the audit log, as the cache in question isn't premium, but there are other ways to "track" cachers that aren't related to the audit log. If you believe the audit log is the sole form of data that can be used to track cachers, you're mistaken.  Your finds are public (for members) records as well and are just as effective at following your movements as the audit log, more so in fact, because they give specific locations rather than the fact that you happened to browse someone's premium cache page.  Law enforcement agencies, should they ask, can, as I understand it, get a free premium (?) membership so that they can use the database to determine if there's a cache at a location where a suspicious package has been called in.

 

I use it infrequently and if it were to disappear, I wouldn't be overly upset.  If it were to stick around, I'd feel the same way, vaguely interested in its use on rare occasions.

Share this post


Link to post
9 hours ago, coachstahly said:

 

This actually happened to me, but in a slightly different manner.  There is an unsolved double murder that occurred off a hiking/biking/rails to trails path.  I had cached the area two months before the crime and actually walked right past the future crime scene area on my way to the cache I had targeted.  I got a call from our local police department, on behalf of the authorities that were coordinating the investigation, and was interviewed about my trip up there and then where I was around the dates the murders occurred.  I was nowhere near the area during that time so wasn't concerned but I fully understood the reason for them calling me in.  It wasn't because of the audit log, as the cache in question isn't premium, but there are other ways to "track" cachers that aren't related to the audit log. If you believe the audit log is the sole form of data that can be used to track cachers, you're mistaken.  Your finds are public (for members) records as well and are just as effective at following your movements as the audit log, more so in fact, because they give specific locations rather than the fact that you happened to browse someone's premium cache page.  Law enforcement agencies, should they ask, can, as I understand it, get a free premium (?) membership so that they can use the database to determine if there's a cache at a location where a suspicious package has been called in.

 

I use it infrequently and if it were to disappear, I wouldn't be overly upset.  If it were to stick around, I'd feel the same way, vaguely interested in its use on rare occasions.

 

Wow, you have some really thorough police in your area. 

Share this post


Link to post
10 hours ago, coachstahly said:

This actually happened to me, but in a slightly different manner.

Just curious, where you caching with a phone?

Share this post


Link to post
1 hour ago, 31BMSG said:

Just curious, where you caching with a phone?

That's what I was presuming. My GPS couldn't be tracked.

  • Upvote 1

Share this post


Link to post
12 hours ago, coachstahly said:

Your finds are public (for members) records as well and are just as effective at following your movements as the audit log, more so in fact, because they give specific locations rather than the fact that you happened to browse someone's premium cache page.  

 

I guess some of the newer GPSrs will work with your phone,  but for many (most?) still using a handheld and not logging real-time, good luck knowing where I am.   My rugby flip is turned off when out in the woods too.  I'm off sorta-smart phones for a while.

Someone wants to follow my movements after I've been there, that's not such a big deal to me...   :)

 

Share this post


Link to post
32 minutes ago, Goldenwattle said:

That's what I was presuming. My GPS couldn't be tracked.

Actually, thinking about it; I do have my phone with me (although not using it for caching) and that can be tracked.

Share this post


Link to post
16 hours ago, coachstahly said:

This actually happened to me, but in a slightly different manner.

[snip]

It wasn't because of the audit log, as the cache in question isn't premium, but there are other ways to "track" cachers that aren't related to the audit log.

Did the police locate you based on logs that you posted to the caches in the area?

Share this post


Link to post
8 hours ago, noncentric said:

Did the police locate you based on logs that you posted to the caches in the area?

 

I have no idea if the police did it or someone else notified them that there were geocaches in the area and provided a list.  They never told me and I never asked.

Share this post


Link to post
13 hours ago, 31BMSG said:

Just curious, where you caching with a phone?

 

Nope.  GPS had the caches loaded  My phone was with me but not being used for caching.  The audit log doesn't track location (where you are when you look at the cache page).  It only tracks visitors to the page so that the CO can see them (I would assume GS has that type of access available as well).

Share this post


Link to post
12 hours ago, cerberus1 said:

I guess some of the newer GPSrs will work with your phone,  but for many (most?) still using a handheld and not logging real-time, good luck knowing where I am.   My rugby flip is turned off when out in the woods too.  I'm off sorta-smart phones for a while.

Someone wants to follow my movements after I've been there, that's not such a big deal to me...   :)

 

That's true but the audit log doesn't track location, only visits to the cache page from wherever you might be.  I was "tracked" after the fact, not during.

Share this post


Link to post
14 hours ago, Wet Pancake Touring Club said:

Wow, you have some really thorough police in your area. 

 

I'd rather they check all leads than none, even if it was a wild goose chase (as it pertained to me).  Sadly, the murders are still unsolved.

Share this post


Link to post
9 hours ago, coachstahly said:

I have no idea if the police did it or someone else notified them that there were geocaches in the area and provided a list.  They never told me and I never asked.

Sorry, I guess what I was getting at is - did you post logs to the caches in the area, so that the police could've identified you (your caching name) if they were looking at caches in the area?   The alternative would be, if you didn't post logs to the caches, that they somehow used some sort of tracking of your phone to identify you as being in the area.  The latter seems to be what some of the other forum posters were asking about with regards to whether you had your phone with you.

  • Upvote 1

Share this post


Link to post

I posted found logs to the few caches I had targeted in the area.  I did have my phone, but only for using it in the more traditional method.  I also used them to look at the EC cache pages in the area as it's much easier to see on my phone than it is on my GPS.

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
Followers 5

×