Strava, the app for tracking physical activities such as running, swimming and cycling, can reveal sensitive military data as well. According to one UCA analyst, the heat map in the app could result in finding out military bases and the routines of their personnel.
How does the Strava app reveal sensitive information?
The 2017 review of the company’s data displayed all the routes covered by its users across the globe. Although the data was released in November 2017, a member of the Institute for United Conflict Analysts (UCA), Nathan Ruser, only recently found that trails from Strava users in various countries could bust the military locations of the U.S. and other nations.
Strava released their global heatmap. 13 trillion GPS points from their users (turning off data sharing is an option). https://t.co/hA6jcxfBQI … It looks very pretty, but not amazing for Op-Sec. US Bases are clearly identifiable and mappable pic.twitter.com/rBgGnOzasq
— Nathan Ruser (@Nrg8000) January 27, 2018
According to Ruser, the publicly available activity map from Strava gives an insight into the routes of soldiers and agents in sensitive locations, including American bases in Afghanistan and Syria, the suspected CIA base in Somalia, Area 51, and the United Kingdom’s Mount Pleasant airbase in the Falklands. A few Russian bases also surfaced.
Though all these bases are well known, Strava data is also capable of revealing sensitive information that the government might not be comfortable with, such as the possible location of living quarters and the most frequently trafficked paths. In Afghanistan, the activity data is not just confined to the bases but also tips off the patrol or supply routes.
Speaking to The Washington Post, Air Force Colonel John Thomas, a spokesperson for the U.S. Central Command, said that the military is assessing the implications of the map. The incident might encourage militaries to restrict the use of such devices, or educate soldiers on the importance of privacy.
Strava’s heatmap relies on public data
Following the controversy, Strava is pointing users to a post on how to manage the privacy settings on their platform. The Strava spokesperson said that it is “committed to helping people better understand our privacy settings,” and that its map “represents an aggregated and anonymized view of over a billion activities uploaded to our platform. It excludes activities that have been marked as private and user-defined privacy zones.”
The Strava app allows users to record their activity using GPS over a phone or wearable devices such as Fitbit, a device popular among U.S. forces. Public data can come in handy most of the time. It can tell about new routes apt for running or identify other runners who are nearby to compete or co-exercise.
The Strava app also has a private mode, which does not allow the information to move out of the app. According to the app maker, the heatmap relies on public data. This means that the military personnel are sharing the information publicly without being aware of the repercussions, notes TechCrunch.
While releasing the updated heat map, Strava said that the update includes six times more data than before – in total 1 billion activities from all Strava data through September 2017.
“Our global heatmap is the largest, richest, and most beautiful dataset of its kind. It is a direct visualization of Strava’s global network of athletes,” the company said.