Picture this: Would you tell a stranger the exact location you will be at the exact time of day every day. Now, imagine sharing this daily information with the entire internet.
Enter the public data sharing of Strava. I’ll come back to this.
As a Division 1 runner, every mile counts. Recovery miles, tempo miles, workout miles; all miles have a specific use for us, distance runners. With the emergence of GPS watches and applications such as Garmin Connect and Strava, distance runners now have the ability to monitor and track every step they take.
Data has become king in the distance world of running. For many of the running community, the use of GPS watches have revolutionized training. With the constant feedback, an athlete can accurately time and pace their runs and workouts. Connecting these GPS watches with an application such as Strava or Garmin Connect will create a visual map of these runs and offer even more feedback such as heart rate. When used consistently, these tools can be a powerful log for athletes when analyzing their training. I am constantly looking back at my runs and training weeks to find areas for improvement.
As mentioned before, Strava is one of the top fitness tracking applications. The application will automatically sync with your GPS watch and download your workout. Once complete, the application will release a visual map of your run with pacing and heart rate metrics. Strava is at the forefront of innovation within this niche community of fitness applications. Due to its popularity and success, Strava has accumulated a trope of data concerning the various daily exercise trends of their users.
In November 2018, Strava released a visualization of this immense data in the form of a heat map. The map contained over 3 trillion coordinates from over 27 million different fitness device users. At a glance, the idea was a interesting insight into the global exercise trends, revealing the most popularly used training routes. Underneath the beautiful visualization of data lay a national security disaster.
Strava’s release of the heat map revealed not only the most popular areas to train, but consequently the least popular areas to train. For the normal consumer, this was quickly overlooked as just a byproduct of the original Strava campaign. For the United States Government and multiple other global security agencies, the release was startling. Out in the Internet for all to see were the fitness habits of top secret government operatives, perfectly tracing their daily movements around some of the most secretive government bases in the world. The map revealed the walking patterns of border patrol officers walking around the US & Mexican border. Area 51 was perfectly outlined in the Strava map. GCHQ, the British National Security base for electronic spying was mapped as well. Finally, the potential scariest mappings was the jogging activities and troop movements of the US Army in war zones, giving a grave insight into the daily habits of the armed forces.
This caused an uproar within the US Government as government aides attempted to purge the internet of their troops’ daily movements. Unfortunately, the damage was already done. Ned Price, a former special assistant to President Obama, said in a tweet that “capable adversaries have almost certainly harvested this data for years.” This begs the inevitable question: Where does the responsibility fall?
As a Strava user, I looked into the privacy policies myself. The large majority are set on public, including the all important location data sharing. Additionally, the privacy settings are not easily found or enacted. The issue rises with the default setting being the public sharing of data. For the vast majority of the users of Strava, their understanding of this data is similar to any social media platform. Yet, the danger of Strava’s data comes at a greater price than a simple Tweet.
Being public on a fitness app such as Strava displays the daily habits of your life down to the exact location. For the troops in war zones or secret forces underground in the UK, this can turn deadly. Undoubtable, the intent of these government officials was to not publically share their data, but the option was not turn off or stayed unknowingly on.
Where does the line get drawn on the company’s responsibility and their user’s own responsibility? With the power of Strava’s location based data, it would seem their responsibility is greater as this provides insight into the widely private lives of their users. Additionally, the default setting is on public, causing simple ignorance to allow for this to remain, dumping location data constantly onto the social platform.
Strava has put the responsibility on the user to make their lives private, which in many cases whips their hands clean of the issues. Yet, when dealing with this type of insight, Strava and other similar companies may want to debate the level of removal from the situation. For one, the US Government and other agencies have reviewed their policy on fitness trackers. For the individual consumer, we must be aware of the data we are allowing to be shared. Strava’s stance is their platform allows for privacy (If you know where to look and how to activate it). With this stance coming from our platforms and companies, the burden is on us as users to be double check our settings and preferences.
A stark reminder that your simple 4 mile jog you do every single day may not be the best thing to share publicly.