Fitness trackers do a lot of good. On an ordinary day, they help us keep tabs on our health goals on a daily basis. On a not-so-ordinary day, they’re saving lives by providing critical information to medical professionals.
In this instance, however, the information stored in fitness trackers proved problematic, as fitness-tracking company Strava revealed outlines of U.S. military bases and routes taken by supply convoys and patrols in some of the most dangerous areas of the world.
Strava’s Global Heat Map uses satellite information from fitness tracking devices like Fitbits to map locations and movements of subscribers over a two year period, showing where its users are partaking in physical activity. According to The Washington Post, Strava has 27 million subscribers around the world who use a multitude of fitness trackers, like Fitbit and Jawbone, as well as those who subscribe to the app directly on smartphones.
The information creates a heat map, showing hot spots around the world where users are doing the most activity. Obviously, in major cities and metropolitan areas, there will be a lot of information from users. In current war zones in the Middle East, such as Lebanon, Iraq and Syria, there is limited human activity. So, for the U.S. military personnel using the service, it creates a relatively detailed outline of military bases, patrol outposts and soldier movement.
To counter the inadvertent leak of information, the U.S. military announced today that it’s adjusting the guidelines for use of all wireless and technological devices on military facilities, claiming that mistakes like the Strava incident can be used to expose identities of individuals working in sensitive positions, as well as give away military movements and plans that otherwise would be confidential.
The thing is, with Strava, a subscriber can see a particular running route, click it, and see exactly who is running along that route. In an area like New York City, a popular footpath would be full of users’ paths. But, in the case of these military personnel, Strava users could get the exact identity of U.S. military personnel and where they run around their base in Afghanistan.
“The rapid development of new and innovative information technologies enhances the quality of our lives, but also poses potential challenges to operational security and force protection,” the Central Command press office in Kuwait, which represents the U.S.-led fight against the Islamic State, told The Washington Post. “We constantly refine policies and procedures to address such challenges.”
The statement continues, saying that the Coalition is currently working on privacy settings for wireless electronics and applications.
Further, Strava released a statement stressing how seriously it takes the safety of users, and saying that it plans to work with military and government officials to address the current problems.
Nathaniel Raymond, director of the Signal Program on Human Security and Technology at the Harvard School of Public Health, told The Washington Post that this data being public was “a potential catastrophe,” and, as a demonstration of the capabilities, used a Strava map to pinpoint his jogging route he frequented with U.N. peacekeepers in South Sudan in 2015.
His primary concern is that, in addition to the military strategies that leak, it also puts humanitarian workers in dangerous situations.
“The focus of this story has been soldiers and spies, but we are also talking about humanitarian workers,” he said. “If you look at what we saw in Mogadishu and you are [al-Qaeda affiliate] al-Shabab, you got a pretty good idea of who the foreigners are and what they are working.”
A Berlin-based security analyst told The Washington Post that he personally has identified 573 people who jog around the parking lot of British intelligence headquarters, giving him a pretty good idea of who works there.
“You could, for example, identify somebody who works at a known secret facility and then track his movements to other facilities through which he may rotate,” he added.
As fitness trackers become more popular for people in every walk of life and career field, the question of security of information becomes important. The information disclosed to fitness trackers can save a life, or it can be a detrimental leak of information.
