I set up nightscout yesterday in readiness for my miaomaio to arrive. I got a web address myuser.herokuapp.com. All very good.
I went back to my browser later and accidentally mistyped that address and got a page full of data. I was a little surprised that data was present in my nightscout. I puzzled over it for some time. The data went back months!
The penny finally dropped that I had mistyped the url and when I returned to mine it was, as expected, empty.
A couple of questions:
Is it usual for the nightscout page to be completely open? I don’t have a clue who this person is, but s/he has a samsung 10 phone, measures in mmol/L, and speaks English.
Any idea how I could contact this person and tell them their data is open to the world?
Anyone can see anyone else’s Nightscout page if you happen upon it or they share the url. Admin rights are reserved fort those who can “unlock” (provide the api secret) the Nightscout account.
I think that is a pretty strange and in general unacceptable system. Some people will inadvertently be giving away a lot of info there. Is there a way of deploying to anywhere other than heroku?
What info are you giving away that can somehow hurt you? No name, ssn, phone number, address, etc.
No PII data at all. It’s just some anonymous persons bg data.
I swap NS urls with other parents at times as a way for us to see if we can find patterns and try to help each other manage our kids ngs i wouldn’t care if our url were public
Yeh people said that when google and facebook started collecting “anonymous” data about us too.
I put the question back to you: why would you share intensely personal data with the world, even anonymously? I think we all need to protect any and all personal data where possible.
But my recommendation to anyone is do what you’re comfortable with. If you think it’s a data leak, data mine, insecure zone for personal data theft, i recommend not using the system.
I don’t know anything about nightscout or even what @nickr is referring to directly… but I 100% understand his concern about bg data being intensely personal…
It’s different for adults than children… adults have careers, are subject to nonsensical bureaucracy etc… there are a lot of potential ramifications to blood sugar data already and even more potential for the future… it’s a very slippery slope imo
Historically I don’t even share electronic bg data with my own doctors… although that’s becoming harder and harder to do…
Hypothetical—- your son wants to fly an airplane someday and some bean counter decides that the acceptable bg range for someone with that diagnosis is something absurd like “bg managed between 90-125 100% of the time”
Not that this particular platform is directly accountable to him but it is just an example of why electronic data tracking in the public domain makes some people like the OP and like myself very nervous