Fitness apps help people stay fit by monitoring their activities and provide information. But it is strange that one of the fitness apps caused a serious security threat. Though Strava, the prominent fitness app, revealed a heatmap to show how much and where people are exercising in November 2017, it was found recently by a student from Australia that the heatmap revealed the locations of military camps of the U.S. and other countries in Afghanistan, Somalia, Syria, and others.
It is unusual for a fitness app to expose national secrets, but the accidental exposure and discovery issued a warning for military organizations to review rules regarding usage of wireless devices and apps. Though the fitness company clarified that users have an option to keep fitness activities private and the released heatmap consist of public data only, it is possible that military personnel shared their data unknowingly. The U.S. military press office informed The Washington Post about the rules being reviewed after the discovery of military bases in the heatmap. But the question remains whether it is necessary to reveal such heatmap of public data.
Releasing public data can be helpful for the companies as a marketing strategy. The data offers number of activities (which was in billions for Strava) conducted by users and how fitness consciousness is increasing day by day across the world. Moreover, it offers insights on how the world works out. The data helps people find new trails, compete against other people, and find new places to carry out exercises.
Strave argued that it provides users a control over their privacy and they only released data marked as public. However, releasing the data without scrutinizing whether it is exposing national military secrets that could pose dangerous challenges in future became a serious headache for the company. Furthermore, the heatmap does not release a personal information about users. But visiting those places and looking out for users who ran on those tracks could expose information about military personnel and their base camps. The company needs to take these risks into consideration. Not only information about military personnel but also lives of regular people can be at risk if unknown trails are found so easily and mishaps are planned on those routes.
Strava CEO James Quarles said that the company will work with military organizations and governments to address the issue. Despite the release of sensitive data, the heatmap showing global data remains accessible same as before.
He said the firm would review “features that were originally designed for athlete motivation and inspiration to ensure they cannot be compromised by people with bad intent.”
Only blaming Strava for releasing data without thinking over the consequences it may face will not be the solution. Users also need to understand the implications of sharing their personal data. Military personnel may have shared their information without knowing the implications or lack of knowledge about tracking system, so Strava need to review their privacy settings to let people know implications of releasing their personal data.