Somebody has been running — and logging their miles on Strava, a personal-fitness tracking and sharing app — around Pyongyang. If you’re interested in seeing their routes, all you have to do is look at the data map that Strava released last week, which also inadvertently served as a heat map, making it easy to locate military bases around the world, including U.S. bases in Afghanistan and Syria. While the locations of those bases may not have been totally secret, the routes highlighted on a map offer information about daily activity that could be incredibly useful to somebody looking to do some harm.
Fault here ultimately falls on anybody with a Fitbit — or any other personal tracker — who didn’t bother to tweak their Strava privacy settings. “It excludes activities that have been marked as private and user-defined privacy zones,” Strava said in its initial statement about the map. But who among us hasn’t breezed through an app’s terms of service and clicked “I Accept” without a fully comprehensive read. Plus, as the Verge notes, opting out of Strava’s tracking feature is a bit of a headache at present.
On Strava’s blog, CEO James Quarles announced that the company is “committed to working with military and government officials to address potentially sensitive data,” and it is “reviewing features that were originally designed for athlete motivation and inspiration to ensure they cannot be compromised by people with bad intent.” He also noted that Strava’s UX engineers are working on simplifying opt-out procedures on the app. Which is great, but not super helpful if you’re a U.S. agent embedded in Pyongyang whose jogging route is now public knowledge.