CNET también está disponible en español.

Ir a español

Don't show this again

Security

Is fitness tracker Strava giving away sensitive military info?

The company's "Global Heatmap" shows exercise routes of its users around the world. Problem is, some of those routes appear to trace secret US military positions overseas.

screen-shot-2018-01-28-at-3-20-43-pm

Strava's Global Heatmap is heating up concerns about military security.

Strava/Screenshot by CNET

It was November when fitness-tracking company Strava first uploaded an updated version of a spiffy heat map showing the physical activity of users around the globe.

But it wasn't until Saturday when the controversy about it started to ignite.

That's when Australian Nathan Ruser, who's studying international security and the Middle East, decided to zoom in on Syria and tweet about it. "I wondered, does it show US soldiers?" Ruser told The Washington Post. "It sort of lit up like a Christmas tree."

That got military experts, soldiers and much of the internet scouring the map to look for evidence of their activity and wondering if the release of such sensitive location and activity information may have been a military security oversight.

Tobias Schneider, an international security analyst based in Germany, was just one who noted on Twitter how Strava is helping to map activity around military sites. "A lot of people are going to have to sit thru lectures come Monday morning," he tweeted, after showing examples of how markers on the map trace military outposts as well as supply and patrol routes.

And he's right. Major Audricia Harris said Department of Defense personnel do get guidance about limiting personal profiles on the internet and operational security measures to take home and abroad. But "recent data releases emphasize the need for situational awareness when members of the military share personal information," she said. "DoD takes matters like these very seriously and is reviewing the situation to determine if any additional training or guidance is required."

San Francisco-based Strava, which calls itself "The Social Network for Athletes" says it has 27 million users around the world who access the app through fitness devices such as Fitbit and Jawbone. Some users subscribe directly to its mobile app. The map shows 1 billion activities from all Strava data from 2015 through September 2017. 

In a statement to CNET, Strava pointed users towards a blog post on how to manage their privacy on the platform.

"Our global heatmap represents an aggregated and anonymized view of over a billion activities uploaded to our platform," the statement said. "It excludes activities that have been marked as private and user-defined privacy zones. We are committed to helping people better understand our settings to give them control over what they share."

First published Jan. 28, 5:06 p.m. PT. 

Update, 9:39 p.m.: Adds comment provided by Strava to CNET.