An interactive map posted on the Internet that shows the whereabouts of people who use fitness devices such as Fitbit also reveals highly sensitive information about the locations and activities of soldiers at U.S. military bases, in what appears to be a major security oversight.
The Global Heat Map, published by the GPS tracking company Strava, uses satellite information to map the locations and movements of subscribers to the company’s fitness service over a two-year period, by illuminating areas of activity.
Strava says it has 27 million users around the world, including people who own widely available fitness devices such as Fitbit and Jawbone, as well as people who directly subscribe to its mobile app. The map is not live — rather, it shows a pattern of accumulated activity between 2015 and September 2017.
Most parts of the United States and Europe, where millions of people use some type of fitness tracker, show up on the map as blazes of light because there is so much activity.
In war zones and deserts in countries such as Iraq and Syria, the heat map becomes almost entirely dark — except for scattered pinpricks of activity. Zooming in on those areas brings into focus the locations and outlines of known U.S. military bases, as well as of other unknown and potentially sensitive sites — presumably because American soldiers and other personnel are using fitness trackers as they move around.
The U.S.-led coalition against the Islamic State said on Monday it is revising its guidelines on the use of all wireless and technological devices on military facilities as a result of the revelations.
The existing rules on the privacy settings to be applied to devices such as fitness trackers are being “refined” and commanders at bases are being urged to enforce existing rules governing their use, according to a statement from the Central Command press office in Kuwait.
“The rapid development of new and innovative information technologies enhances the quality of our lives but also poses potential challenges to operational security and force protection,” said the statement, which was issued in response to questions from The Washington Post.
“The Coalition is in the process of implementing refined guidance on privacy settings for wireless technologies and applications, and such technologies are forbidden at certain Coalition sites and during certain activities,” it added.