Report: Fitness Apps May Compromise Military Security

John Lister's picture

Fitness apps used by soldiers may have inadvertently revealed their location and activities while deployed overseas. They've been warned to activate privacy options that can prevent data collection.

The problem is with an app called Strava, which lets users track their activity when they go running or cycling. It goes beyond some apps that simply allow individuals to keep their own records or choose to share them with friends for motivation or suggested routes.

Instead, Strava combines all the data collected from a reported 27 million users and produces "heat maps" that show the most popularly used routes over the past couple of years. The idea is that users can look for such routes both for inspiration and as a sign they may be particularly suited to running, for example with little traffic or having a pleasing landscape to run through.

Bases Unintentionally Mapped

A university student studying international security spotted that several of the displayed routes are of or around US military bases in foreign countries with elevated security risks. (Source:

The routes appear in different colors based on how frequently they are used. That means that even though the location of the base may already be public knowledge, the routes can show movement patterns within the base and clues about buildings. This could help enemies target missile attacks from beyond the base border.

Another possible problem comes with the routes outside the base. These could be areas which soldiers use for running because they feel safer there. That might in turn let enemy forces know where they could pick off targets.

Privacy Too Confusing

While the app isn't necessarily widely used among soldiers serving overseas, that's a problem in itself. Because so few people are using the app in remote regions, even a single user's route could stand out enough to appear on the maps.

While it might seem obvious for soldiers to consider the risks of such apps, privacy settings may be an issue. The app does have settings that either mark a specific run or ride as private, or automatically set all activity in a specific area to be marked as private. The routes and other details are then excluded from the "heat maps." However, critics have previously argued it's too complicated to keep track of these settings. (Source:

What's Your Opinion?

Do you consider this a significant risk? Should military staff stop using apps with location tracking at all while on deployment? Could companies give clearer information about privacy settings?

Rate this article: 
Average: 5 (2 votes)


matt_2058's picture

1. Of course it's a significant risk.
2. Yes, but it won't do any good. Almost all apps collect some kind of data. If nothing else, then an IP address.
3. Yes, but they won't. It's like a mile-long EULA. The Co. can do anything with the info it gathers. You have no rights after the EULA. You agree to ALL court costs if you choose that route...if the EULA does not mandate arbitration. The 'store' could put limitations on data collection by all apps. That would be the easiest way to protect consumers.

Anyone that needs exercise routes to determine building locations has not used google maps. One thing I can see the app data giving up is troop movements, especially if using the app is a unit effort.

Product research has gotten worse than living in a small town. Nosy, nosy, nosy. Everybody wants to know your business!