Strava fitness app exposes jogging routes around military bases
In November 2017, San Francisco-based Strava, maker of a GPS-enabled fitness app, published a heat map showing the activity of all its 27 million users around the world. Upon outside examination, the data visualisation, which was built from 1 billion activities and 3 trillion data points covering 27 billion kilometres of distance travelled over the previous two years, exposed individual jogging routes in remote areas, including those used by soldiers around military bases in war zones, where there is little other activity. In addition, carrying the devices within military installations exposes both their existence and their internal design, even though these are specifically omitted from Google's and Apple's maps. Strava's initial reaction was to suggest that military users should opt out of the heatmap.
However, the problem appears to be that although a mechanism for opting out of sharing location data is provided, the interface design is confusing and complex, and users do not always know to activate it or how to use the app's privacy settings. Anonymising the data does not eliminate the security or defence risk. The US National Security Agency allows wearable fitness monitors in some localities, but in general such decisions are left up to the special security officer in charge and therefore they are banned in some places.
Writer: Drew Robb, Liz Sly, Alex Hern, Jonathan Marcus, Jenna McLaughlin
Publication: Medium, Washington Post, Guardian, BBC, Foreign Policy