Earlier this week when this broke I thought it was merely a curious funny coincidence.<p>I was later walking the dogs with my wife when she told me her mother was shocked that Strava was giving away the location of military bases. This was when I first became aware of Strava as a controversy.<p>So crazy how uninformed a populace can be. How is it Stravas fault that people use their software? If I logged onto Facebook and posted th location of a secret military base would it be Facebooks fault that I posted it?<p>Anyway, I have been an almost daily user of Strava for years- it's the best at what it does.
Blaming strava is absurd. I am a strava user and privacy setting on all my runs by default is that routes are hidden. I have to manually go and edit the run to make it visible to public. As long as strava used the data available publicly I don't see as their fault. It is ridiculous to blame them. I find the privacy setting on strava clearer than any other social network but if military personnel for the sake of vanity end up posting their run publicly then there is anything strava can do. Even without the routes data released by strava, I can simply hover over iraq or Syria and see the running or cycling routes. This feature actually has been of great use to me while traveling.
Smartphone user: "All my apps can collect all my data, I have nothing to hide, my life is an open book"<p>* sees collected data *<p>Smartphone user: "How did they do this to me"
Well I think the heatmap is the best thing from strava. I wish it was embedded/viewable in the strava ios app to to browse running routes - particularly when I'm in a new place. I've also discovered a load of footpaths near me just by browsing it on the website.
Vet here<p>We get OpSec briefing shoved down our throats down so much that im putting this one on the DoD and the base's risk management policy.<p>Guys srsly wth
What I've yet to see is anyone commenting on how secret these "secret" military bases really are. I have a feeling, based on the amount of attention this is getting in mainstream media, that the militaries involved aren't too concerned. Also, any nation state with access to satellite intel presumably already knows about all of these.<p>So if "secret" means "not listed on Wikipedia", I'm afraid only more arguments in favor of surveillance will come of this.
I find it interesting that a lot of people seem to feel that this isn't Strava's fault, but the fault of the users who didn't manage their privacy settings correctly. Having done a lot recently related to GDPR in the EU I've been coming around to the way of thinking that has influenced this law.<p>We as technologists need to start taking some responsibility for our users privacy. Firstly, just because you can collect the data doesn't mean you should. There is this general idea that we should collect and store as much data as we can, just in case we can find a use for it. The problem is that firstly even if we claim to be only using/exposing 'anonymised' data, as this Strava situation shows, it is very hard to truly anonymise data. Secondly, the raw data is still stored somewhere and in the event of a data breach it doesn't matter what a users privacy setting was if you were still collecting and storing the data.
If anyone from Strava is watching this thread - is there any way to delete a user's information from these heat maps? I ask, because I'm not seeing anything in any of the suggested links. If so, how can I request my own records be completely deleted?
I love using the heatmap tool especially the one that shows the differences from 1 year to the next. As a MTB'er, I see the routes that people stop using because of downed trees and other obstacles. Helps prioritize where trail cleaning must be done.
I wasn't aware that people were blaming Strava for this. I think it's pretty clear that the purpose of strava as a social network for runners is to share your run data with others, or at least to benefit from others data. I'd need these answers before I could judge how culpable they are:<p>1) Does Strava present the user with privacy settings and properly explain what they do? (i.e. they don't have to dig in settings to even know that they exist)<p>2) Is data set to 'private' omitted from anonymized aggregate statistics like the heatmap?<p>If the answer to both is 'yes', then I don't understand what the fuss is about.
I’m on team Blame Strava. When you have an obvious comprehension failure by large numbers of users, it’s a UX design bug. Don’t blame the users.<p>It’s pretty clear why in this case. The privacy settings are overcomplicated and misleading. It’s not intuitive at all that turning on “enhanced privacy” still includes you in route leaderboards and the heatmap, which you might not even know is a thing. This was bad design.
I don't use Strava, so pardon the ignorant question -- is the default for your data to be public?<p>If so, then I completely blame them for this. If not, then this is clearly a user error.
I see a lot of people talking about how it is unfair to blame Strava for this.<p>That is BS. When you make anonymized data available publicly, you ABSOLUTELY bear a responsibility to making sure that your
anonymized data is actually anonymous.<p>> However, we learned over the weekend that Strava members in the military, humanitarian workers and others living abroad may have shared their location in areas without other activity density and, in doing so, inadvertently increased awareness of sensitive locations.<p>Strava absolutely needs to be held to account for not filtering out anonymous data from regions that don't have other activity density. This should be a legal responsibility .(Currently I think the FTC can bring legal action for violating a privacy policy, but this is the only legal enforcement route?)<p>Strava also has a ethical responsibility to block data from sensitive area (such as military bases).