Fitness app Strava plans privacy push after military workout data sparks security snafu

Fitness app Strava plans to boost awareness of its privacy and safety tools after personnel at U.S. military bases sparked security concerns by sharing details of their exercise routines.

The service members’ movements appeared on a global "heatmap" of fitness data published by Strava that experts cited as posing a potential risk to base security.

“We learned over the weekend that Strava members in the military, humanitarian workers and others living abroad may have shared their location in areas without other activity density and, in doing so, inadvertently increased awareness of sensitive locations,” noted Strava CEO James Quarles in a blog post Monday.


Strava does give users the option not to share their data. The company, Quarles said, is working to increase awareness of how its privacy and safety tools work and make them even easier to use.

A screenshot of Strava's heatmap (

A screenshot of Strava's heatmap (

“Our engineering and user-experience teams are simplifying our privacy and safety features to ensure you know how to control your own data,” he said.

Strava is also committed to working with military and government officials to address potentially sensitive data, according to the CEO. “We are reviewing features that were originally designed for athlete motivation and inspiration to ensure they cannot be compromised by people with bad intent,” he added.


The global heatmap, which was published in November 2017, tracked 1 billion activities from September 2017, according to Strava. The map is compiled from 3 trillion latitude and longitude points and reflects a total distance traveled of 17 billion miles.

The map, however, shows the movement of U.S. personnel on bases in sensitive locations such as Afghanistan and even Syria, as well as stateside.

“DoD takes matters like these very seriously and is reviewing the situation to determine if any additional training or guidance is required, and if any additional policy must be developed to ensure the continued safety of DoD personnel at home and abroad,” explained a Department of Defense spokesperson, in an email sent to Fox News on Monday.

The U.S. military conducts regular training for service members on data security, although the heatmap suggests that more attention needs to be paid to information privacy.


“Annual training for all DoD personnel recommends limiting public profiles on the internet, including personal social media accounts,” explained the spokesperson. “Furthermore, operational security requirements provide further guidance for military personnel supporting operations around the world. Recent data releases emphasize the need for situational awareness when members of the military share personal information.”

Security experts say that incident should serve as a reminder to consumers about how they handle their private data. “Apps like Maps, Uber, Weather and even camera apps like Snapchat use location services to cater to users based on their location,” explained Deepak Dutt, CEO of fraud detection specialist Zighra, in a statement emailed to Fox News.As consumers, we often don’t fully read through privacy statements due to their length and complexity, yet we agree to them. Transparency must be a key focus as we work toward better privacy regulations.”

Follow James Rogers on Twitter @jamesjrogers