wordpress blog stats
Connect with us

Hi, what are you looking for?

Strava’s fitness tracking heat map reveals location of military bases

Strava heat map

Data released by fitness platform Strava may have unintentionally exposed critical information like the whereabouts of US military bases around the world.

Strava is the maker of a fitness-tracking app that uses a phone’s GPS or fitness trackers to track when and where a user is exercising, designed to be a social network of sorts for athletes. Last November, the app maker released a global heat map showing the activity of its users from around the world, containing information from a billion activities across 3 trillion latitude and longitude points.

But researchers have discovered the heat map reveals highly sensitive information about the locations and activities of soldiers at various military bases. Nathan Ruser, a member of the Institute for United Conflict Analysts, who first discovered the issue, tweeted, “Strava released their global heat map. 13 trillion GPS points from their users (turning off data sharing is an option). It looks very pretty, but not amazing for Op-Sec. US Bases are clearly identifiable and mappable.”

Most parts of the United States and Europe, where millions use fitness trackers and smartphones, show up on the map as bright blazes of light because of heavy activity.

Advertisement. Scroll to continue reading.

In conflict zones such as Iraq and Syria, the heat map becomes almost entirely dark — except for scattered bits of activity. Zooming in on those areas throws up outlines of known US military bases, as well as of other unknown and potentially sensitive sites — presumably because American soldiers and other personnel are using fitness trackers as they move around.

A threat to security?

Strava’s heat map doesn’t necessarily reveal the locations of military installations to the world — Google Maps and public satellite imagery sources have already done that — but rather than showing just the location of buildings and roads, Stava’s map the movement patterns in the areas and maps out frequently used paths. This is a potential security threat to military personnel.

For example, the below is a satellite image of the Pathankot Air Base in Punjab with Strava’s heat map data overlayed on it. It shows the route frequently used around the sensitive airbase which has been a terrorist target in the past.

While the users share their data with Strava voluntarily the issue does bring up questions about informed consent with regards to privacy. “Privacy of data simply cannot be negotiated person by person, especially because there’s no meaningful informed consent. People cannot comprehend what their data will reveal especially *in conjunction* with other data. Even companies do not know this, so they cannot inform anyone,” Zeynep Tufekci, an associate professor at the University of North Carolina and an opinion writer for The New York Times wrote on Twitter. “I’ll emphasize: In the digital age, there is NO meaningful informed consent with regards to data privacy that operates at an individual level. Current implications are unknown; future uses are unknowable. Companies structurally cannot inform and we are in no position to consent.”

Former soldier’s also seemed to be alarmed about the issue, “Big OPSEC [operations security] and PERSEC [personal security] fail,” tweeted Nick Waters, a former British army officer who pinpointed the location of his former base in Afghanistan using the heatmap. “Patrol routes, isolated patrol bases, lots of stuff that could be turned into actionable intelligence.”

Adding to that concern, Twitter user Paul Dietrich, who writes about US’s National Security Agency wrote “I was able to identify a soldier running a route around a camp in Iraq and follow him home to France. Using the built-in interface of Strava, in the manner in which it was intended.”

Will it affect India?

The US-led military coalition has reacted by tweaking its guidelines on the use of communication devices.

Advertisement. Scroll to continue reading.

“The rapid development of new and innovative information technologies enhances the quality of our lives but also poses potential challenges to operational security and force protection,” the coalition said in a statement to The Washington Post.

“The Coalition is in the process of implementing refined guidance on privacy settings for wireless technologies and applications, and such technologies are forbidden at certain Coalition sites and during certain activities,” it added.

In the past, the Indian military establishment has ordered the removal of certain apps from smartphones which were viewed as a threat to security although no such order has been made regarding Strava as of yet.

In December 2017, the Ministry of Defence issued an order to the Indian armed forces asking officers and all security personnel to remove, uninstall over 42 Chinese apps as these have been classified as ‘spyware’. The list included popular apps like Mi Store found on all Xiaomi smartphones, WeChat which is a popular messaging app from China, ShareIt which is used for file transfers and one of the most popular apps in India.

Advertisement. Scroll to continue reading.
Written By

Writes about consumer technology, social media, digital services and tech policy. Is a gadget freak, gamer and Star Wars nerd.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



The DSCI's guidelines are patient-centric and act as a data privacy roadmap for healthcare service providers.


In this excerpt from the book, the authors focus on personal data and autocracies. One in particular – Russia.  Autocracies always prioritize information control...


By Jai Vipra, Senior Resident Fellow at Vidhi Centre for Legal Policy The use of new technology, including facial recognition technology (FRT) by police...


By Stella Joseph, Prakhil Mishra, and Yash Desai The Government of India circulated proposed amendments to the Consumer Protection (E-Commerce) Rules, 2020 (“E-Commerce Rules”) which...


By Rahul Rai and Shruti Aji Murali A little less than a year since their release, the Consumer Protection (E-commerce) Rules, 2020 is being amended....

You May Also Like


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ