The IT Nerd

Because I am a very athletic person, I post my bike rides as well as my walks, hikes and cross country skiing to Strava. And so do my friends who do similar activities. But I have to admit that I am rethinking that at the moment as this thread on Strava’s Community Forums says this:

I spent some time looking at the settings within Strava and found no way to opt out. So when this goes into effect today, every Strava user is opted into having their data shoved into some AI whether they want to have that happen or not.

That my friends is a complete and total #fail. Users should always have the choice to opt into something and not to be forced to opt out of it. And it’s worse when users have no choice to opt out as is the case here. So it leaves me wondering if I should be taking my data, deleting it, and finding another place to post my athletic activities. Because clearly Strava doesn’t care enough about their user base to give them the choice as to how their data is handed.

Oh, by the way, I suspect that once the EU finds out about this, they’ll be having a word with Strava. And it won’t be nice…. For Strava.

Seeing as I am a cyclist, I use Strava to keep track of my rides and also to help me improve. The same is true for millions of other cyclists, runners, and other weekend warriors. Which is when I saw this news over the weekend, I was kind of floored:

Sensitive information about the location and staffing of military bases and spy outposts around the world has been revealed by a fitness tracking company. The details were released by Strava in a data visualisation map that shows all the activity tracked by users of its app, which allows people to record their exercise and share it with others. The map, released in November 2017, shows every single activity ever uploaded to Strava — more than 3 trillion individual GPS data points, according to the company. The app can be used on various devices including smartphones and fitness trackers like Fitbit to see popular running routes in major cities, or spot individuals in more remote areas who have unusual exercise patterns.

However, over the weekend military analysts noticed that the map is also detailed enough that it potentially gives away extremely sensitive information about a subset of Strava users: military personnel on active service… In locations like Afghanistan, Djibouti and Syria, the users of Strava seem to be almost exclusively foreign military personnel, meaning that bases stand out brightly. In Helmand province, Afghanistan, for instance, the locations of forward operating bases can be clearly seen, glowing white against the black map.

Well, Strava is in a whole lot of trouble. But it does illustrate that when companies like Strava, or Map My Run which is owned by UnderArmor, or Runtastic collect the data on millions of users, that data can have all sorts of unintended consequences. For example, I had a brief look at this and these maps (which for the record I have used previously to design cycling routes for myself) clearly outline what I assume are patrol and supply routes. Thus if you’re a bad guy who wants to kidnap or kill people, this would be a great way to figure out where to set up shop so that you could do just that. I am guessing that all these app companies are going to have to get together with the US military to get this sorted for that reason alone. I’m also going to guess that the US military is going to have to crack down on the usage of these sorts of apps to avoid this problem going forward.