Strava fitness tracking map reveals military bases, movements in war zones

Bart Jansen | USA TODAY

Show Caption Hide Caption U.S. soldiers revealing sensitive locations by mapping exercise routes U.S. soldiers may have inadvertently mapped remote military bases including in sensitive locations such as Iraq, Afghanistan and Syria, through publicly sharing their jogging routes with a GPS tracking app.

A San Francisco-based exercise app has posted the locations of its 27 million users worldwide, which military and security experts say could point to military bases where troops use fitness gadgets.

The company Strava, which calls itself “the social network for those who strive,” uses satellite information to map the activity of its subscribers who use gadgets such as Fitbit to monitor their activity. Strava’s interactive “global heat map” showed where people have been exercising for the last two years.

The Pentagon has encouraged the use of Fitbits among military personnel and in 2013 distributed 2,500 of them as part of a pilot program to battle obesity, according to The Washington Post.

But the security concern is that activity in remote locations such as Iraq or Niger could pinpoint where troops are stationed overseas.

Here, I try to explain how identifying a user at one missile base with @strava would then compromise others in turn, using Taiwan as an example.https://t.co/Ps7zpO6DWd — Jeffrey Lewis (@ArmsControlWonk) January 29, 2018

While the locations tracked from 2015 to September 2017 were posted in November, the map was only recently publicized.

Nathan Ruser, who is studying international security and the Middle East, focused on Syria and told the Post that “it sort of lit up like a Christmas tree.”

Big OPSEC and PERSEC fail. Patrol routes, isolated patrol bases, lots of stuff that could be turned into actionable intelligence. https://t.co/22h1Io6rpv — Nick Waters (@N_Waters89) January 27, 2018

Adam Rawnsley, a reporter at the Daily Beast, noticed a lot of jogging activity on the beach near a suspected CIA base in Mogadishu, Somalia.

Ben Taub, a journalist with The New Yorker magazine, focused on the location of U.S. Special Operations bases in the Sahel region of Africa.

This is where I politely remind @Strava that it is sitting on a ton of data that most intelligence entities would literally kill to acquire. https://t.co/tKcf1nnov1 — Jeffrey Lewis (@ArmsControlWonk) January 28, 2018

The military is studying the matter and deciding how to respond.

The Defense Department “takes matters like these very seriously and is reviewing the situation to determine if any additional training or guidance is required, and if any additional policy must be developed to ensure the continued safety of (military) personnel at home and abroad," Maj. Audricia Harris, a department spokeswoman, told The Associated Press.

Privacy settings on the devices could be set to prevent distribution of locations. The U.S.-led coalition against the Islamic State told the Post on Monday it is revising its guidelines on the use of all wireless and technological devices on military facilities as a result of the revelations.

"The rapid development of new and innovative information technologies enhances the quality of our lives but also poses potential challenges to operational security and force protection," the coalition said in a statement to the Post.

"The coalition is in the process of implementing refined guidance on privacy settings for wireless technologies and applications, and such technologies are forbidden at certain coalition sites and during certain activities," it added.

Strava released a brief statement highlighting that the data used had been made anonymous and "excludes activities that have been marked as private and user-defined privacy zones.”