Skip to content

fix(privacy): remove IP collection and add presence opt-out (#866)#868

Merged
accius merged 2 commits intomainfrom
hotfix/privacy-866
Apr 3, 2026
Merged

fix(privacy): remove IP collection and add presence opt-out (#866)#868
accius merged 2 commits intomainfrom
hotfix/privacy-866

Conversation

@accius
Copy link
Copy Markdown
Owner

@accius accius commented Apr 3, 2026
edited
Loading

Summary

Hotfix cherry-picked from Staging to address #866 (GDPR/CCPA concerns).

  • Remove IP collection: Strip GeoIP/ip-api.com integration, country tracking, and raw IP storage from health check. Visitor stats now use SHA-256 hashed identifiers in memory only — no PII persisted to disk or sent to third parties.
  • Add presence opt-out: New "Active Users Layer" toggle in Station settings lets users hide their callsign from the map. Sends immediate leave beacon on disable.
  • Add privacy notice: Privacy section in Settings > Community documenting data practices.

Closes #866

Test plan

  • /api/health JSON no longer contains countries or geoIP fields
  • Health dashboard no longer shows country section or IP column
  • stats.json contains no IP addresses or country data
  • Toggle share presence off — callsign removed from Active Users layer
  • Settings > Community shows Privacy section

accius and others added 2 commits April 3, 2026 09:57
@accius @claude
fix(privacy): remove IP collection, GeoIP lookups, and country tracki…
51abc32 
…ng from health check (#866)

Stop collecting, storing, and transmitting visitor IP addresses to third parties.
IPs are now only held as SHA-256 hashes in memory for dedup counting — never
persisted to disk or sent externally. Removes ip-api.com integration, country
statistics, and IP display from the dashboard and JSON health endpoint.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@accius @claude
feat(privacy): add presence opt-out toggle and privacy notice (#866)
8254ad1 
Add a "Share Presence" toggle in Station settings so users can hide
their callsign from the Active Users map layer. Toggling off stops
heartbeats and sends an immediate leave beacon.

Add a Privacy section to the Community tab documenting the app's
data practices: no cookies, no tracking, hashed visitor stats,
opt-in presence, and local-only browser storage.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@accius accius merged commit eb8e311 into main Apr 3, 2026
5 of 6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[GDPR/CCPA Violation] IP addresses collected, and transmitted to third party without user consent.

1 participant

@accius