Jump to content

You're browsing the 2004-2023 VATSIM Forums archive. All content is preserved in a read-only fashion.
For the latest forum posts, please visit https://forum.vatsim.net.

Need to find something? Use the Google search below.

VATSIM.net CERT DATABASE


Bernardo De Carvalho 97126
 Share

Recommended Posts

Bernardo De Carvalho 97126
Posted
Posted

Questions about this VATSIM.net DATABASE have always been present within my sub-conscious!

 

1st Who are the VATSIM.net members with access to the CERT DATABASE?

 

I understand SUP and ADM Ratings are within these individuals...

 

2nd In generic terms what does the CERT DATABASE contain?

 

3rd Under what provisions is a VATSIM.net member allowed to insert items in the CERT DATABASE?

 

Regards,

Bernardo de Carvalho

"First, master the fundamentals"

4612.png

Link to comment
Share on other sites

Anthony Lawrence
Posted
Posted
1st Who are the VATSIM.net members with access to the CERT DATABASE?

 

I understand SUP and ADM Ratings are within these individuals...

 

That would about cover it i'd say...

 

2nd In generic terms what does the CERT DATABASE contain?

 

Can't answer this one...

 

3rd Under what provisions is a VATSIM.net member allowed to insert items in the CERT DATABASE?

 

 

Well you insert stuff when you join VATSIM - so.. then i'd [Mod - Happy Thoughts]ume

 

Regards,

A...

0
Link to comment
Share on other sites

Bernardo De Carvalho 97126
Posted
Posted

Thanks Anthony...I can consider myself clarified now!!!

Bernardo de Carvalho

"First, master the fundamentals"

4612.png

Link to comment
Share on other sites

Bernardo De Carvalho 97126
Posted
Posted

C'mon you serious? Just gonna leave me hanging like this?

Bernardo de Carvalho

"First, master the fundamentals"

4612.png

Link to comment
Share on other sites

Alex Bailey 969331
Posted
Posted

The CERT is like your "file" with VATSIM and any discipline problems online will be recorded in there, as well as any SUP actions. I'm not quite sure about the details of it.

 

I believe Division Directors have access to view it, but I know of a particular case where a Division Director actually posted into a member's CERT so I'm not sure on that question either. Obviously SUP and ADM will have access, I don't need to explain that.

 

Hope that helps...

Alex Bailey

ZMA I-1

Link to comment
Share on other sites

Bernardo De Carvalho 97126
Posted
Posted

As I understand your words Alex, the CERT is like our criminal record?

 

Or are VATSIM.net Members with access to the CERT able to write something good in the CERT of a certain user?

 

If someone could give an insight...or just a generic explanation on how it works, I've never seen it published...

 

I've only learned about this CERT DATABASE through reading meeting minutes of the EC...

Bernardo de Carvalho

"First, master the fundamentals"

4612.png

Link to comment
Share on other sites

Ross Carlson
Posted
Posted

It contains your CID and p[Mod - Happy Thoughts]word, all your signup info, your current region, a log of any changes to your rating, a log of any suspensions, and any comments left by supervisors or administrators for whatever reason.

Developer: vPilot, VRC, vSTARS, vERAM, VAT-Spy

Senior Controller, Boston Virtual ARTCC

Link to comment
Share on other sites

Aggrey Ellis 964561
Posted
Posted
It contains your CID and p[Mod - Happy Thoughts]word, all your signup info, your current region, a log of any changes to your rating, a log of any suspensions, and any comments left by supervisors or administrators for whatever reason.

 

Are we allowed to look at/request our file in the database.

ZLA I11

VATCAF S1

et_1.png

Link to comment
Share on other sites

Ivan Kovacevic 920456
Posted
Posted
Are we allowed to look at/request our file in the database.

 

 

No.

Link to comment
Share on other sites

Daniel Doorgakant
Posted
Posted

Although should you be suspended, you reserve the right to ask the member who performed the action what has been placed on your record.

vatme-sig.jpg
Link to comment
Share on other sites

Ivan Kovacevic 920456
Posted
Posted
Although should you be suspended, you reserve the right to ask the member who performed the action what has been placed on your record.

 

 

No you don't. You are informed of the exact reasons why you were suspended in the Suspension Notification email automatically when the action is initiated.

 

 

The CERT profile contains two groups of items - one is the personal information (name, age, email....) and the technical information. You already know your personal information, so you wouldn't ask for that normally. The technical information is strictly confidential, and is not intended for the members.

Link to comment
Share on other sites

Bernardo De Carvalho 97126
Posted
Posted

@ Ross

 

Thank you!

Bernardo de Carvalho

"First, master the fundamentals"

4612.png

Link to comment
Share on other sites

Stephen Donnelly
Posted
Posted
Although should you be suspended, you reserve the right to ask the member who performed the action what has been placed on your record.

 

 

No you don't. You are informed of the exact reasons why you were suspended in the Suspension Notification email automatically when the action is initiated.

 

 

The CERT profile contains two groups of items - one is the personal information (name, age, email....) and the technical information. You already know your personal information, so you wouldn't ask for that normally. The technical information is strictly confidential, and is not intended for the members.

 

Legally speaking members are entitled to see ANY data held in their name should they wish to do so under data protection law, as I understand it (US law differs m[Mod - Happy Thoughts]ively from Irish law so I don't know if this is the case, fee free to correct me). However the likelihood of anyone wantaing to see this data is small given all that's going to be there is details you provided, or, if suspended, a note saying 'suspeded due to unattended connection' or something similar.

 

I find it hard to believe a supervisior who has presumably been chosen for their maturity would put anything inappropriate or silly into a CERT. At the same time, anyone who wants to should have access to put their mind at ease.

Stephen Donnelly CTR+

Link to comment
Share on other sites

Anthony Lawrence
Posted
Posted
Although should you be suspended, you reserve the right to ask the member who performed the action what has been placed on your record.

 

 

No you don't. You are informed of the exact reasons why you were suspended in the Suspension Notification email automatically when the action is initiated.

 

 

The CERT profile contains two groups of items - one is the personal information (name, age, email....) and the technical information. You already know your personal information, so you wouldn't ask for that normally. The technical information is strictly confidential, and is not intended for the members.

 

Legally speaking members are entitled to see ANY data held in their name should they wish to do so under data protection law, as I understand it (US law differs m[Mod - Happy Thoughts]ively from Irish law so I don't know if this is the case, fee free to correct me). However the likelihood of anyone wantaing to see this data is small given all that's going to be there is details you provided, or, if suspended, a note saying 'suspeded due to unattended connection' or something similar.

 

I find it hard to believe a supervisior who has presumably been chosen for their maturity would put anything inappropriate or silly into a CERT. At the same time, anyone who wants to should have access to put their mind at ease.

 

I didn't think Data Protection covered Non-Profit organisations? (correct me if i'm wrong - but it's what I believe to have been taught for my recent exam...:S)

 

Regards,

A...

0
Link to comment
Share on other sites

Ivan Kovacevic 920456
Posted
Posted

Legally speaking members are entitled to see ANY data held in their name should they wish to do so under data protection law, as I understand it (US law differs m[Mod - Happy Thoughts]ively from Irish law so I don't know if this is the case, fee free to correct me). However the likelihood of anyone wantaing to see this data is small given all that's going to be there is details you provided, or, if suspended, a note saying 'suspeded due to unattended connection' or something similar.

 

I find it hard to believe a supervisior who has presumably been chosen for their maturity would put anything inappropriate or silly into a CERT. At the same time, anyone who wants to should have access to put their mind at ease.

 

 

If what you're saying is true, creating a private forum section for "Moderators only" would be illegal under the data protection law. That pretty much makes any online forum illegal, doesn't it?

Link to comment
Share on other sites

Stephen Donnelly
Posted
Posted

Legally speaking members are entitled to see ANY data held in their name should they wish to do so under data protection law, as I understand it (US law differs m[Mod - Happy Thoughts]ively from Irish law so I don't know if this is the case, fee free to correct me). However the likelihood of anyone wantaing to see this data is small given all that's going to be there is details you provided, or, if suspended, a note saying 'suspeded due to unattended connection' or something similar.

 

I find it hard to believe a supervisior who has presumably been chosen for their maturity would put anything inappropriate or silly into a CERT. At the same time, anyone who wants to should have access to put their mind at ease.

 

 

If what you're saying is true, creating a private forum section for "Moderators only" would be illegal under the data protection law. That pretty much makes any online forum illegal, doesn't it?

 

Not really, a discussion in a moderators' section wouldn't be the same as a file held in a certain person's name.

 

As for data protection not covering NPO's - could be the case, certainly, although I wasn't aware of it. Checking Irish law would be easy but I have no idea how to check US law and as that's where the data is held that's what counts.

Stephen Donnelly CTR+

Link to comment
Share on other sites

Anthony Lawrence
Posted
Posted

Computer users/companies (etc) who store personal data must register with the Data Protection Register. The information they store must

  • be obtained and processed fairly and lawfully
  • be held only for a specific purpose
  • be relevant to that purpose and not more than necessary.
  • be kept accurate and up-to-date
  • not be held longer than required.
  • be protected with the proper security.

 

The individual whose data is stored:

  • should be notified of the existence of the data
  • has the right to view data stored
  • has the right to have data corrected or erased.

 

Exemptions from the Data Protection Act :

  • data used for recreational purposes eg club members
  • data which may affect national security
  • data used to fight crime
  • data used for calculating wages or pensions
  • data used for distributing information eg mailing lists

 

That's the data protection act summed up. VATSIM is exempt as it's a recreational purpose. All forums would be recreational purposes aswell i'd [Mod - Happy Thoughts]ume - unless pay to view, in which point i don't know where it'd fall.

 

Regards,

A....

0
Link to comment
Share on other sites

Stephen Donnelly
Posted
Posted (edited)
Computer users/companies (etc) who store personal data must register with the Data Protection Register. The information they store must

  • be obtained and processed fairly and lawfully
  • be held only for a specific purpose
  • be relevant to that purpose and not more than necessary.
  • be kept accurate and up-to-date
  • not be held longer than required.
  • be protected with the proper security.

 

The individual whose data is stored:

  • should be notified of the existence of the data
  • has the right to view data stored
  • has the right to have data corrected or erased.

 

Exemptions from the Data Protection Act :

  • data used for recreational purposes eg club members
  • data which may affect national security
  • data used to fight crime
  • data used for calculating wages or pensions
  • data used for distributing information eg mailing lists

 

That's the data protection act summed up. VATSIM is exempt as it's a recreational purpose. All forums would be recreational purposes aswell i'd [Mod - Happy Thoughts]ume - unless pay to view, in which point i don't know where it'd fall.

 

Regards,

A....

 

That makes sense when you think about it, dramatically reduces the workload on data protection commissioners I'm sure for what in all fairness would be trivialities. Although I would still maintain that on request, a member should eb told what's on their file as long as it doesn't adversely affect anyone else. I can't see the harm in that - but I'm not going to start campaigning for it either.

Edited by Guest

Stephen Donnelly CTR+

Link to comment
Share on other sites

Anthony Lawrence
Posted
Posted
Computer users/companies (etc) who store personal data must register with the Data Protection Register. The information they store must

  • be obtained and processed fairly and lawfully
  • be held only for a specific purpose
  • be relevant to that purpose and not more than necessary.
  • be kept accurate and up-to-date
  • not be held longer than required.
  • be protected with the proper security.

 

The individual whose data is stored:

  • should be notified of the existence of the data
  • has the right to view data stored
  • has the right to have data corrected or erased.

 

Exemptions from the Data Protection Act :

  • data used for recreational purposes eg club members
  • data which may affect national security
  • data used to fight crime
  • data used for calculating wages or pensions
  • data used for distributing information eg mailing lists

 

That's the data protection act summed up. VATSIM is exempt as it's a recreational purpose. All forums would be recreational purposes aswell i'd [Mod - Happy Thoughts]ume - unless pay to view, in which point i don't know where it'd fall.

 

Regards,

A....

 

That makes sense when you think about it, dramatically reduces the workload on data protection commissioners I'm sure for what in all fairness would be trivialities. Although I would still maintain that on request, a member should be told what's on their file as long as it doesn't adversely affect anyone else.

 

It would be morally right to do so - but given the above, there is no legal requirement under the DPA for them to do so.

 

Regs,

A...

0
Link to comment
Share on other sites

Paul Byrne
Posted
Posted

Hi,

 

Interesting thread. I take it Anthony, that is the actual wording of the UK data protection act? Or is it the US?

 

Cheers!

Paul.

Link to comment
Share on other sites

Stephen Donnelly
Posted
Posted

It would be morally right to do so - but given the above, there is no legal requirement under the DPA for them to do so.

 

Regs,

A...

 

My point exactly.

Stephen Donnelly CTR+

Link to comment
Share on other sites

Anthony Lawrence
Posted
Posted
Hi,

 

Interesting thread. I take it Anthony, that is the actual wording of the UK data protection act? Or is it the US?

 

Cheers!

Paul.

 

That's the UK data protection Act - It can be found here, the full 20 pages of it.

 

Regards,

A....

0
Link to comment
Share on other sites

Paul Byrne
Posted
Posted

Hi Anthony,

 

When you say "Data used for recreational purposes" I take it you used this reference from the DPA :

Domestic purposes

 

Personal data processed by an individual only for the purposes of that individual’s personal, family or household affairs (including recreational purposes) are exempt from the data protection principles and the provisions of Parts II and III.

 

What's interesting about this is the wording of the statement. Now, this is all moot if the US DPA has different wording, but using the UK DPA, one could argue the following :

The only data that is exempt is the data that I (the individual) inputted to become a member of VATSIM (Full Name and email address). Additional data collected and stored about me by other parties in relation to technical and disciplinary issues on the network (a permanent record) would not be exempt from the DPA as its specific function is not recreational, nor was it inputted by me.

 

Now, I'm not a solicitor and have no legal background, but on the front of it, this is how I would interpret this regulation.

 

You know, the only person who can really answer this would be GSM. George, what do you say? Would this be a valid argument or are my legal ramblings useless . I'm actually curious about this as I've always been interested in the way English is interpreted in the legal sense. Makes reading T+C, rental contracts etc. easier to understand.

 

Cheers!

Paul.

Link to comment
Share on other sites

Anthony Lawrence
Posted
Posted
Hi Anthony,

 

When you say "Data used for recreational purposes" I take it you used this reference from the DPA :

Domestic purposes

 

Personal data processed by an individual only for the purposes of that individual’s personal, family or household affairs (including recreational purposes) are exempt from the data protection principles and the provisions of Parts II and III.

 

What's interesting about this is the wording of the statement. Now, this is all moot if the US DPA has different wording, but using the UK DPA, one could argue the following :

The only data that is exempt is the data that I (the individual) inputted to become a member of VATSIM (Full Name and email address). Additional data collected and stored about me by other parties in relation to technical and disciplinary issues on the network (a permanent record) would not be exempt from the DPA as its specific function is not recreational, nor was it inputted by me.

 

Now, I'm not a solicitor and have no legal background, but on the front of it, this is how I would interpret this regulation.

 

You know, the only person who can really answer this would be GSM. George, what do you say? Would this be a valid argument or are my legal ramblings useless . I'm actually curious about this as I've always been interested in the way English is interpreted in the legal sense. Makes reading T+C, rental contracts etc. easier to understand.

 

Cheers!

Paul.

 

Hi Paul,

 

That would have been the section i'd use to justify it (and for the record, i have no legal background as a barriser/solicitor/lawyer). However, you've pointed out something important - So i went in search

 

I came across the Information Commisioners office, (found here) and the first point is, as you pointed out, for Personal, family and household use of your information - So, i'll quite happily admit i interpreted this the wrong way. However it'd still be nice to hear GSM's take on this

 

Regards,

A....

0
Link to comment
Share on other sites

Ivan Kovacevic 920456
Posted
Posted
Not really, a discussion in a moderators' section wouldn't be the same as a file held in a certain person's name.

 

 

Well, actually Stephen it would be identical if a moderator was to open a topic in a hidden forum saying "I just deleted flyingfrantic's topic about selling his FS screenshot posters. Against the rules". Just because it's called a "staff forum" there and a "cert file/cert record" here doesn't make it much different.

Link to comment
Share on other sites

 Share