Fitness Data Map Shows Locations and Activity Patterns of Secret Military Bases

The activity at what may be a U.S. base in the Middle East. Photo: Screenshot/Strava Global Heatmap

Information collected and published by the fitness tracking and sharing app Strava has highlighted the locations of secret military bases and revealed sensitive information about the activity of personnel at those bases. On Saturday, an Australian student and security analyst named Nathan Ruser tweeted that Stava’s Global Heatmap of every GPS-linked fitness activity uploaded by users also includes data from app users at military bases operated by the U.S., U.K., Russia, and other countries in places like Afghanistan and Syria. Furthermore, because few residents of a country like Syria are likely to use the app in the first place, it is particularly easy to locate areas of activity by foreign military personnel in some areas.

The data, which was collected by personal fitness trackers like Fitbits that users had linked to their Strava accounts, revealed the perimeters of some secret bases, since those boundaries likely double as jogging tracks:

The map revealed the possible routes of military patrols or supply runs, too:

And also other regular routes that service members are active on — likely indicating where they work, live, eat, and run, inside and outside of their bases, as well as how frequently.

All of this information could be actionable intelligence to enemies or terrorists looking for targets. The Washington Post explains that while the locations of most of the U.S. bases are public knowledge, the detailed activity of service members is obviously not. The Verge points out that the military has tried to put new policies in place to limit this precise risk, including regulations around device use — especially regarding apps that track location data — and the prohibition of any personal devices from certain sensitive areas.

Strava put out a statement in response to the story, more or less noting that it was the base personnel’s fault for not making their accounts private:

Our global heatmap represents an aggregated and anonymized view of over a billion activities uploaded to our platform. It excludes activities that have been marked as private and user-defined privacy zones. We are committed to helping people better understand our settings to give them control over what they share.

Expect a lot of militaries and security agencies to recommend reviewing those settings soon as well.

Fitness Data Map Reveals Information About Secret Bases