Strava’s Global Heatmap is heating up concerns about military security.
Strava/Screenshot by CNETIt was November when fitness-tracking company Strava first uploaded an updated version of a spiffy heat map showing the physical activity of users around the globe.
But it wasn’t until Saturday when the controversy about it started to ignite.
That’s when Australian Nathan Ruser, who’s studying international security and the Middle East, decided to zoom in on Syria and tweet about it. “I wondered, does it show U.S. soldiers?” Ruser told The Washington Post. “It sort of lit up like a Christmas tree.”
That got military experts, soldiers and much of the internet scouring the map to look for evidence of their activity and wondering if the release of such sensitive location and activity information may have been a military security oversight.
Tobias Schneider, an international security analyst based in Germany, was just one who noted on Twitter how Strava is helping to map activity of military sites. “A lot of people are going to have to sit thru lectures come Monday morning,” he tweeted, after showing examples of how markers on the map trace outpost and supply and patrol routes.
And he’s right. Major Audricia Harris said Department of Defense personnel do get guidance about limiting personal profiles on the internet and operational security measures to take home and abroad. But “recent data releases emphasize the need for situational awareness when members of the military share personal information,” she said. “DoD takes matters like these very seriously and is reviewing the situation to determine if any additional training or guidance is required.”
San Francisco-baed Strava, which calls itself “The Social Network for Athletes” says it has 27 million users around the world who access the app through fitness devices such as Fitbit and Jawbone. Some users subscribe directly to is mobile app. The map shows 1 billion activities from all Strava data from 2015 through September 2017.
Strava didn’t immediately respond to a request for comment, but the Post said it issued a statement urging users to check the company’s website to be sure they understand the privacy settings.
“Our global heatmap represents an aggregated and anonymized view of over a billion activities uploaded to our platform,” the statement said, according to the Post. “It excludes activities that have been marked as private and user-defined privacy zones. We are committed to helping people better understand our settings to give them control over what they share.”
