Last November, Stava — the “social network for athletes” — released their annual global heatmap of user activity or “a direct visualization of Strava’s global network of athletes.” The report consists of 1 billion activities, 3 trillion latitude/longitude points, and over 10 terabytes of raw data. In short, it’s a staggering amount of personal data, anonymized and aggregated, and overlaid on a map.
For two months, the report made little fanfare. But this week, Nathan Ruser, an Austrailian university student studying the Middle East and security, pointed out on Twitter that Strava’s heatmap revealed more than just popular jogging paths. Alex Hern, The Guardian:
In locations like Afghanistan, Djibouti and Syria, the users of Strava seem to be almost exclusively foreign military personnel, meaning that bases stand out brightly. In Helmand province, Afghanistan, for instance, the locations of forward operating bases can be clearly seen, glowing white against the black map.
Zooming in on one of the larger bases clearly reveals its internal layout, as mapped out by the tracked jogging routes of numerous soldiers. The base itself is not visible on the satellite views of commercial providers such as Google Maps or Apple’s Maps, yet it can be clearly seen through Strava.
Tim Cushing, Techdirt:
Strava does allow users to geofence “private” areas to prevent tracking in those areas. But it’s not a default option. If you don’t want to share every movement with Strava, you have to opt out. Most users don’t. And most users are seemingly unaware of how much data they’re leaving behind.
This “metadata” – something our government refers to as harmless when gathered in bulk – can result in real-world security issues.
And Jeffrey Lewis, The Daily Beast:
No one is really at fault here, other than individual users who may have violated security procedures. What the heat map does illustrate, though, is that we’re living in a very different age than the one where we developed a lot of our ideas about deterrence and strategic stability.