Private use of a KiwiSDR receiver in France

Dear All,

On June 10, I made the decision to no longer make Trémolat's two KiwiSDR receivers available to the public. This is not a very pleasant decision. A certain number of legal problems have accumulated since the success of the second antenna (KiwiSDR 2) installed last January.

These are not legal problems concerning the installation of the pylon, because it fully respects French law (regulations concerning height, easements and aerial signage, protected natural areas, natural spaces and historical monuments).

These are problems related to the public operation of the receiver. Here is a short list :

  • Users enter a fake amateur radio QRZ callsign. And since the list of connected users is visible to everyone, this poses a legal problem. This is detrimental to the amateur radio community.
  • More serious, usurpation of the QRZ callsign from amateur radio. This may be detrimental to the real person holding the license who has this QRZ callsign.
  • Less important, voluntary blocking of reception channels, systematically for the maximum listening time. It is a desire to harm what is listening to the receiver.
  • Broadcast pirate radio stations use my receivers as antenna returns. Certainly... Not too much of a consequence. In the worst case, you can be declared an accomplice of the company.
  • Lots of connections from foreign countries that are questionable. I could be accused of favoring foreign interference from countries that are in opposition to France.

In France, listening to radio waves is completely free, if you do it at home with your own equipment. The limitations are simple : do not record private communications, do not exploit personal data, do not make public the personal data listened to.

However, the owners of public KiwiSDRs which broadcast on the internet cannot guarantee that users do not commit violations of laws and regulations. In theory, these owners are co-responsible for these violations, because they provided the technical means.

On the other hand, due to their status, it is possible to authorize licensed radio amateurs. Radio amateurs are already subject to very strict regulations. Connected SDR receivers can be considered as “relays”. I will therefore give access to the receivers to radio amateurs who ask me for it (password).

Understand me, following numerous exchanges with victims of Callsign QRZ theft, I prefer to limit access to receivers. The public operation of connected SDR receivers poses a real legal problem with the laws and regulations in France. I don't know of any real solutions for protecting owners of public connected receivers. If anyone has any solutions to offer, welcome.

---

John, it's a shame that KiwiSDR receivers which require a password for all 4 reception channels, can no longer be listed.

Best regards, Philippe

Comments

  • Well, none of this is really new. It's just operating in the modern context of SDRs and the Internet.

    Hams have been "bootlegging" callsigns for nearly 100 years. Pirates have always existed.

    Most countries technically have regulations allowing radio monitoring for personal use, but prohibiting "retransmission". But the precise interpretation of those terms for HF are vague at best given the border-crossing nature of HF. And HF is mostly uninteresting to everyone except us anyway.

    Much more applicable to VHF/UHF short-range communication services that might be impacted by retransmission. Although encryption in recent times has made that point mostly moot.

    To your last point: I don't think it makes any sense to be including, on a public list, any Kiwi that requires a password likely to be unknown by 99% of the users connecting. That makes its inclusion completely worthless. Perhaps a separate area listing "private" access Kiwis? But that doesn't seem worth the effort.

    Nate_R
  • Hi Philippe,

    I'd agree with John that it doesn't make sense to list KiWi's that folks can't openly use.

    But I do understand your reservations, and some countries are definitely more restrictive than others.

    Short range local VHF / UHF communications are certainly more problematic from a legal perspective than HF communications, which generally tend to completely ignore geopolitical boundaries

    Maybe it would be worthwhile emailing some of the other KiWi admin / operators in France, to see if they have the same concerns as yourself ?

    Regards,

    Martin

    Nate_R
  • Dear John, Dear Martin,

    I agreed with you, until the day the problems arrived. The person who was the victim of the code theft filed a complaint and the ANFR (national frequency agency) was notified. That's all I can tell you about the facts.

    Of course, VHF frequencies and above would cause more problems.

    However, what would make this type of complaint impossible would be to make the identifier invisible in the list of users. Because, even if users agree to publish the identifier they have chosen, this leaves the possibility of name or identifier theft. The owner of the SDR receiver is complicit in this intention to harm others.

    Thank you very much for thinking about this problem, which led me to remove my two Kiwi receivers from access.

    To date, I have set a password. I have expressly authorized people who used the receivers and asked me to do so, taking care to communicate to them a text on the legal limitations of French law.

    I am taking advantage of this period to improve the Kiwi2 reception conditions, improve protection against lightning and storms, which are numerous in the region. I followed Martin's good advice on choosing a new preamplifier.

    Best regards, Philippe

  • It's always a problem if folks can anonymously post on the internet, or any webpage using it. A callsign tends to be regarded as a signature, but it is not unique, it's just an alpha numeric string that can be used by anyone, so I don't understand how it could become a legal issue.

    However, I'm aware that various websdr admins have had to remove the chat function because of misuse.

    I wonder if it would, it help if there was an option that removed the callsign field or anything else that a user can enter text into ?

    Just a thought.

    Regards,

    Martin

  • Yes exactly. Such an option might help. the administrator could see the identifiers in the administration page or on the local Kiwi, but not other users. "xxxxxx" or "******" would appear instead of characters, or the name would disappear as for the option on the city field.

    It's very painful, in our time, all these "General Data Protection Regulation" GDPR requirements that are imposed on websites. In France, there are a lot of controls and the justice system convicts people quite easily.

    Best regards, Philippe

  • jksjks
    edited June 13

    My view of the GDPR is that people should not comment (and draw conclusions) about it until they've actually read it. Because if you have you would have noticed certain provisions in Article 2 (c) and recital 18 which probably apply to our "personal hobby" use in this instance.

  • We have to look far for this interpretation. but hey, that's your point of view.

    In my humble opinion, the management of a website unfortunately does not fall within the scope of article 2, alinéa 2 point c, because this article refers to the case of a personal or domestic activity. For those who use the site perhaps, but not for its owner of site.

    It's the same for a leisure activity, the creator of the site cannot escape it.

    Now, we will have to look for the development of this point in the jurisprudence of European courts. The court ruling comments tell us that « when a person uses personal data outside the 'private sphere', for example in the context of social and cultural or financial activities, then they are required to respect the data protection legislation. »

    As for recital #18, it was written to limit the application of the directive to exchanges that can take place within the family or a social group that uses the networks. If for example, I want to keep an address book of friends.

    In 2016-2018, I was not convinced that this directive was useful, and I was forced to apply it to the procedures of a school of which I was co-director. A very different framework from that which concerns us here.

  • Well, that's why I said "probably".

    The day any of this nonsense starts to impact me is the day I shut everything down.

    njc
  • Indeed an option for the Kiwi admin that removes the callsign field such as Martin suggested would be helpful to address the issues with fake or false callsigns and take care of some of the points Philippe brought up.

    brgds, Ben.

    HB9TMC
  • Alright. After a barrage of emails I've implemented a new checkbox on the admin config tab that says "Show user names to user connections" The default is checked (i.e. yes, show the user names). It will be available in the next release.

    No matter the setting the user names will continue to be shown on the admin users tab, admin log tab etc. This setting compliments the existing checkboxes controlling whether geolocation information is shown and if the geolocated city is shown.

    And this is all independent of whether a user name is demanded at all as set by the checkbox on the admin control tab.

    There is currently a bug where certain non-ASCII, non-UTF8 user names formed by using the Kiwi API directly causes the admin users tab to disappear even though it should have valid entries. Fix coming in the next release.

    HB9TMC
  • Thank you very much, John

  • >These are problems related to the public operation of the receiver. Here is a short list :

    >Users enter a fake amateur radio QRZ callsign.


    Fake QRZ callsign ?


    QRZ is NOT an authorative source of callsign data, it's just a collection

    of callbook CDROMS and user entered data.


    You won't even find my callsign on QRZ or my details in a callbook for

    at least 30 years.


    But I hold a valid licence the same as anyone else.


    >More serious, usurpation of the QRZ callsign from amateur radio.

    >This may be detrimental to the real person holding the license

    >who has this QRZ callsign.


    Once again, QRZ has nothing to do whatsoever to validate if a

    callsign is legal,or show that a callsign listed is SK,or

    is no longer in use.


    >Less important, voluntary blocking of reception channels,

    >systematically for the maximum listening time.

    >It is a desire to harm what is listening to the receiver.


    So simply limit the time to something useful like a max 2 hours daily.

    Please no useless 5 mins of 30 mins, otherwise we cannot listen to a normal

    one hour shortwave broadcast without having to get kicked off.


    And block known bad IP addresses.

    The tools are there, as well as plenty of useful exchanges on this forum.


    >Broadcast pirate radio stations use my receivers as antenna returns.

    >Certainly... Not too much of a consequence. In the worst case,

    >you can be declared an accomplice of the company.


    So a pirate is using a frequency that I am also monitoring for a legal signal.

    Not my problem or yours. I'm not supporting the pirate, I happen

    to be listening on the same frequency for a legal signal, or other experiment.



    >Lots of connections from foreign countries that are questionable.

    >I could be accused of favoring foreign interference from countries

    >that are in opposition to France.


    I'm sure that all the countless foreign embassies in just

    about every country have their own monitoring equipment

    already feeding back data to their Motherland anyway.


    And by making your own restrictions, you've already provided

    barriers to normal users, and that means that the "enemy" has won

    over the rights of normal users.


    >On the other hand, due to their status, it is possible to authorize

    >licensed radio amateurs. Radio amateurs are already subject to very

    >strict regulations. Connected SDR receivers can be considered as

    >“relays”. I will therefore give access to the receivers to radio

    >amateurs who ask me for it (password).


    So how do you validate a legal radio amateur ?


    Do you want them to send you a copy of their licence / drivers ID /

    passport, or use a joke website like QRZ.


    How do WE users know that you are not a spy living in France and using

    the pretence of using your Kiwi RX to harvest personal data from our

    drivers licence / passport / ham radio licence for identity theft ?


    >Understand me, following numerous exchanges with victims of Callsign QRZ theft,


    Oh here we go again, QRZ.

    See my comments above.


    But please please please, do not consider my comments as combative

    or as an attack.


    It's YOUR system and your rules and we respect that.


    I'm am just speaking in a straight way to illustrate my thoughts

    in an easy way, in the hope that the message is as clear as possible,

    espeically so when considering that not everyone may have a perfect

    command of English.


    Heck, I hardly speak a word of French, and I'm only about 30Km from

    the French border


    73 de <censored, because I might be a DGSE operative living in England> ;-)

  • Hi Andy,

    I understand the points you are making, but having previously discussed this with Philippe, I think there are some valid concerns, that may discourage other people, in other countries, from operating a KiWi.

    If a simple fix, which John has already implemented, can help remove some of these barriers, then surely it is a good thing ?

    Some countries are extremely sensitive about some aspects of the radio hobby, and to be honest, if I was living in one, I wouldn't be running a KiWi. It's easy to forget this when living somewhere that is more "relaxed" about such things.

    Callsign piracy has always been an issue, and using an alpha-numeric string (or emojis) to identify an individual doesn't mean that they are who they say they are. However, I can understand the problem for the KiWi admin, if someone else decides to use your callsign, and you, the legitimate owner, find out, and then blame the admin for something that he has no control over. This may sound unlikely, but I have experienced similar problems when we had the "Chat" facility enabled on one of our websdr's, which caused so many issues we, (like most other websdr admins) removed it. Any public site, that has the ability for folks to anonymously post comments, no matter how brief in content, will unfortunately be abused.

    Andy - "they" already know, who you are and where you are :-)

    Regards,

    Martin - G8JNJ ( or am I )

    Nate_R
Sign In or Register to comment.