zlacker

ADS-B transmissions are not "public data" you can look up, what you're referring to as "public data" are datasets of dubious legality from the likes of flightradar24 who operate ADS-B logging devices around the world.

For example, in Europe what they're doing is strictly in violation of the GDPR.

>>rosnd+(OP)
Love the GDPR, but how is ADS-B data personal data?

>>guitar+l1
How could it not be? Your plane's location data is just as personal as your car's, or your cellphone's. There's no special aircraft exemption in the GDPR.

>>guitar+l1
In the GDPR sense any information that can be tied directly to a person is "personal data" but since nobody in this story lives in Europe I think it's neither here nor there that this is the case.

>>emoden+I2
GDPR has nothing to do with whether or not you live in Europe. The plane we're discussing here does frequently visit Europe.

>>jdong+g3
Does it? I'd look it up but, well, @ElonJet i.u suspended. it seems it mostly goes between SF, LA, and Austin though. It's a G700 which has a range of 8,053 mi though.

Also, given that the GDPR only applies to people of the EU, I'd say it, at the very least, has something to do with living in Europe, since, umm, y'know, that's where most people with citizenship in an EU county live.

>>jdong+g3
Maybe when Europe takes control of the global financial system they'll be able to go after US citizens for doing things that aren't illegal in the US but in the meantime I don't see what difference the jet visiting Europe makes either.

>>fragme+d4
GDPR does not only apply to people of the EU, GDPR applies within the jurisdiction of the states which have implemented it. GDPR protects Musk when he flies to Europe, you'd have to treat that data differently than flights within the US.

>>jdong+w2
A plane is not a person, a phone, a car, or a home. Elon Musk is often the passenger on his jet, but I am quite sure he is often not on board while it moves around.

>>kennyw+95
Why would a plane be treated differently than a car in a GDPR context?

>>rosnd+(OP)
You might want to investigate what the "B" in "ADS-B" stands for.

>>stonog+W5
The comment you're replying to perfectly addresses that.

>>emoden+I2
Beyond that, you see a lot of mocking of GDPR rules from American industry and we still have a lot of websites that block on the basis that they want to divulge your personal details to any and everyone.

>>jdong+w2
I think there's something perverse about the very concept of having a personal plane. Perhaps that's the real issue here.

>>jdong+Z4
TIL, thanks!

https://www.lexology.com/library/detail.aspx?g=0dc9663d-ac3b...

>>mcv+Xh
> Perhaps that's the real issue here.

I don't see how it could be, that seems like an entirely separate issue.

>>fragme+mi
This is all well and good but even if the EU claims jurisdiction over people who aren’t in the EU publishing information about the EU (not clear from this article that this is the case; it just says that it applies to you if you are in the EU even if you’re not an EU citizen), how would they enforce that?

>>jdong+Cx
It's not. If it wasn't his personal plane but a chartered plane or one out of a pool of company planes, this wouldn't be an issue.

>>jdong+Cx
A big reason these jet accounts were popular is people enjoyed calling attention to how wasteful many of the flights were, which I can’t imagine Elon was unaware of.

>>emoden+8T
Relatively easily? Even if your business has zero presence in the EU, other businesses handling money for you likely do.

US company using Paypal to accept money from US persons? Paypal has presence in the EU and will hand your money over.

>>mcv+PU
Who gives a shit about Elon? What the ADS-B data brokers are doing will continue to be illegal even if Elon never steps on a flight again.

>>rosnd+(OP)
Nope, you can get an SDR dongle and track planes all you want all the time even in the EU. Plane doesn't equal person, and I doubt the EU courts would argue any other way otherwise we'd need to criminalize tracking of UPS trucks and the like.

>>ladyat+F11
> Nope, you can get an SDR dongle and track planes all you want all the time even in the EU

For example in Finland you would likely be violating the radio secrecy laws by merely listening unless you're actively involved in aviation (e.g. flying a plane or sitting in a tower)

In all EU countries you would be violating the GDPR if you stored this data without a lawful basis. (If you're wondering what constitutes "lawful basis", here's a helpful tool https://ico.org.uk/for-organisations/gdpr-resources/lawful-b...)

> I doubt the EU courts would argue any other way otherwise we'd need to criminalize tracking of UPS trucks and the like

Why would the GDPR prevent UPS from tracking their own trucks? How is this even remotely related to what we're discussing here?

>>rosnd+O01
I've never heard of this happening and, besides this, ElonJet was being operated by a private individual and not for profit. You think they're going to get his bank account shut down over it? I can't imagine the bank entertaining that.

>>rosnd+831
GDPR does not apply to the movements of aircraft, not even private jets.

Somehow getting, storing, and sharing passenger manifests would constitute PII of the sort that falls under GDPR.

>>jdong+w2
There are services you can pay for (in the US) to track a car’s (almost) real-time location without gps. It’s based upon license plates and widespread webcams and it’s not illegal (yet).

>>jdong+v11
Please provide some evidence of your repeated claim that they're illegal in the US and Europe.

>>_djo_+r71
>GDPR does not apply to the movements of aircraft, not even private jets.

It sure as hell does, just like it applies to movements of cars and movements of mobile phones.

https://ico.org.uk/for-organisations/guide-to-data-protectio...

>>emoden+a61
The elonjet twitter has nothing to do with anything, it's just a bot reposting adsbexchange.

>>monkpi+681
Yes, but in the EU this would be illegal.

https://www.privacy-ticker.com/decision-to-fine-the-norwegia...

>>_djo_+w81
As far as I can see, nobody here has made any claims regarding anything being illegal in the US.

> Please provide some evidence of your repeated claim that they're illegal in Europe

https://gdpr-info.eu/

What kind of evidence do you want exactly? This is crystal clear to anyone with the most basic understanding of the GDPR.

>>rosnd+Fd1
The whole reason for this tangent is a claim somewhere upthread that it’s violating the GDPR.

>>jdong+o5
> Why would a plane be treated differently than a car in a GDPR context?

A car is generally registered to an individual. A plane isn't.

You could also -maybe- argue that because there's multiple people on the plane (assuming Ol' Muskie isn't flying it himself) and that those people are potentially different every time, without a passenger and crew manifest, it's not identifying individuals (but I suspect you'd not get far with this.)

>>emoden+Zq1
That tangent was regarding the data sources used by the twitter account.

>>zimpen+yv1
Planes are very often registered to individuals, and that doesn't even matter! The plane being company owned doesn't magically change anything, what matters is who's being transported and whether or not they will be easily linked to the aircraft.

From a GDPR perspective it also makes no difference whether it's 5% or 90% of planes that are owned by individuals as opposed to by companies.

>>rosnd+sd1
Again, this is public data and nobody has been able to successfully make a case that aircraft movements are cases of indirect PII in terms of the GDPR.

>>jdong+bH1
Do you have some links that support this theory? I'd be interested to read up on it.

edit: Specifically mentioning planes and their locations, I mean, not "extrapolating from cars to planes".

>>_djo_+fI1
> Again, this is public data

It isn't! These are ephemeral radio transmissions which contain PII. You might collect those transmissions and publish them somewhere, but that would be illegal.

> nobody has been able to successfully make a case that aircraft movements are cases of indirect PII in terms of the GDPR.

So you're just trolling. That's not how the GDPR works, you don't get to make any kind of case at all. The government will when they eventually get to it after clearing decades worth of backlogs.

And for what it's worth, there are already perfectly applicable precedents https://www.enforcementtracker.com/ETid-851

>>zimpen+kM1
>edit: Specifically mentioning planes and their locations, I mean, not "extrapolating from cars to planes".

You have to be trolling. What leads you to believe that the GDPR which never mentions either aircraft or cars would treat these two kinds of vehicles differently?

Can you find anything in the GDPR texts to suggest that cars and planes would be treated differently?

>>jdong+hO1
> the GDPR which never mentions either aircraft or cars

ICO's guide to the UK GDPR does have a specific example of cars being identifiable[1] - "A vehicle’s registration number can be linked to other information held about the registration (eg by the DVLA) to indirectly identify the owner of that vehicle." Nothing about planes though.

[2] covers car registrations and explicitly discounts company owned vehicles from being PII - "The registration plates of commercial vehicles are not personal data of an individual as the vehicle is owned by an organisation."

All of Ol' Muskie's jets are owned by Falcon Landing LLC, a shell company.

[1] https://ico.org.uk/for-organisations/guide-to-data-protectio...

[2] https://sapphireconsulting.co.uk/is-a-car-registration-plate...

>>zimpen+582
>ICO's guide to the UK GDPR does have a specific example of cars being identifiable[1] - "A vehicle’s registration number can be linked to other information held about the registration (eg by the DVLA) to indirectly identify the owner of that vehicle." Nothing about planes though.

Car registration numbers is a very common kind of data for businesses to handle, of course it makes it on the list of examples.

Same is not true of planes, of course they don't make it on the list of examples.

>[2] covers car registrations and explicitly discounts company owned vehicles from being PII - "The registration plates of commercial vehicles are not personal data of an individual as the vehicle is owned by an organisation."

>All of Ol' Muskie's jets are owned by Falcon Landing LLC, a shell company.

This doesn't work, you can't wash off PII by tying one aspect of it to an organisation. My phone line might belong to a business, but that doesn't give the carrier a free pass to do whatever they want with associated location data.

>>rosnd+CN1
There is no PII in these transmissions. You clearly have no idea what this actually is or how it works, you’re just looking for reasons to defend Musk. Bizarrely.

> you're just trolling. That's not how the GDPR works, you don't get to make any kind of case at all. The government will when they eventually get to it after clearing decades worth of backlogs.

To “make a case” for something means to provide a persuasive argument for it. If I had meant pursuing a lawsuit I’d have said so.

>>_djo_+bG2
> You clearly have no idea what this actually is or how it works, you’re just looking for reasons to defend Musk. Bizarrely

What? Where am I defending Musk? You seem to have an unhealthy obsession with the clown. I haven't even mentioned the guy!

Unlike you, I don't give a shit about the guy. I'm just an European aircraft owner who's not a fan of these websites.

>There is no PII in these transmissions.

>To “make a case” for something means to provide a persuasive argument for it. If I had meant pursuing a lawsuit I’d have said so.

Are you kidding? Mere pictures of license plates associated with timestamps have been found to be covered by GDPR, perfectly analogous to what's being discussed here.

http://enforcementtracker.com/ETid-851

Instead of car license plates, we have tail numbers and ICAO addresses. That's the only difference.

>>happym+c9
And, worse, they abuse the HTTP 451 status for that.

No, I don't live in a country that censors the website - it's the company who owns the website that wants to do things with my data that my country (and myself) considers illegal.

>>emoden+e4
Elon is not protected by the GDPR as he is neither a citizen nor a resident of an EU member country.

>>rbanff+703
GDPR has nothing to do with citizenship, why would you even bring that up?

Really, it even has nothing to do with residency. It's all to do with jurisdiction, when Elon happens to be within EU jurisdiction he is protected by the GDPR.

When Elon takes his jet to visit Greece, he is indeed protected by the GDPR (even if just interacting with US based companies while he's on holiday, GDPR still applies)

>>rbanff+VZ2
How is that supposed to be abuse? The website is unavailable because the way they operate isn't legal in your jurisdiction. 451 seems perfectly appropriate

>>jdong+pe1
That’s not evidence. That’s just your opinion, based on your assumption that private aircraft are like private cars under the law.

Except that they have never been treated equivalently in any legal venue or government regulation.

>>rosnd+xH2
Private cars have always been treated differently to private aircraft in US, UK, and EU law. So, no, it’s not analogous.

Nobody would even contemplate a public registry of car owners, for instance, but all of those countries maintain one for aircraft.

I’ve seen multiple attempts to make the same argument you are by disgruntled private aircraft owners every now and then. None have succeeded in any official venue.

>>_djo_+uh4
Do you have any evidence to share which might suggest that GDPR treats private aircraft differently than ... literally everything else?

If not, why would we just not accept that GDPR treats aircraft exactly how it treats everything else? The law, as written, clearly offers no specific coverage or exemption for any types of vehicles.

>>_djo_+4i4
>Nobody would even contemplate a public registry of car owners, for instance, but all of those countries maintain one for aircraft.

Are you joking? Lots of EU countries have had this, and still do.

For example in Finland, https://www.traficom.fi/en/services/vehicle-data-and-tax-pay...

In Sweden you can text the cars registration plate to 72503 and get the cars owners info.

In Norway you can look up car owners by registration plate or VIN https://www.vegvesen.no/en/dinside/kjoretoy/finn-eier-og-kjo...

In Portugal anyone can request the registration certificate from the IRN, that contains the owners information.

The governments aren't bound by GDPR and can totally do this, but as a private party it would generally be illegal for you to scrape this data.

>I’ve seen multiple attempts to make the same argument you are by disgruntled private aircraft owners every now and then. None have succeeded in any official venue.

Same is true of literally all GDPR violations, we've only just introduced these laws and catching up on the enforcement backlog will take decades.

Not only that, but most governments are doing a very shit job funding the enforcement authorities.

The obvious solution will be to allow impacted individuals to litigate GDPR violations by themselves.

>>rosnd+Wj4
As the one making the assertion of illegality in terms of the GDPR, the onus is on you to provide a substantive justification for it. Not me.

>>_djo_+1H4
I've already done that.

You're the one arguing that there's some special exemption for aircraft, but have done nothing to substantiate that claim.

Besides, with the GDPR it works the opposite way. You have to justify why your data processing is legal, not the other way around.

And for fucks sake, neither of Flightradar24 or ADSBExchange even offer a GDPR-compliant privacy policy. ADSBexchange does not offer one at all.

>>rosnd+I34
It's not the content that's illegal. It's the business practices of whoever hosts the content that are.

There is no government censorship imposed on the content - it's a company that's unwilling to comply with the law.