Burger King's Whopper Neutrality Ad. Sincere 'Net Neutrality' Support Or Slick Corporate Advertising?
Health Experts To Facebook: Turn Off Messenger Kids

Fitness Device Usage By U.S. Soldiers Reveal Sensitive Location And Movement Data

Useful technology can often have unintended consequences. The Washington Post reported about an interactive map:

"... posted on the Internet that shows the whereabouts of people who use fitness devices such as Fitbit also reveals highly sensitive information about the locations and activities of soldiers at U.S. military bases, in what appears to be a major security oversight. The Global Heat Map, published by the GPS tracking company Strava, uses satellite information to map the locations and movements of subscribers to the company’s fitness service over a two-year period, by illuminating areas of activity. Strava says it has 27 million users around the world, including people who own widely available fitness devices such as Fitbit and Jawbone, as well as people who directly subscribe to its mobile app. The map is not live — rather, it shows a pattern of accumulated activity between 2015 and September 2017... The U.S.-led coalition against the Islamic State said on Monday it is revising its guidelines on the use of all wireless and technological devices on military facilities as a result of the revelations. "

Takeaway #1: it's easier than you might think for the bad guys to track the locations and movements of high-value targets (e.g, soldiers, corporate executives, politicians, attorneys).

Takeaway #2: unintended consequences from mobile devices is not new, as CNN reported in 2015. Consumers love the convenience of their digital devices. It is wise to remember the warning from a famous economist, "There's no such thing as a free lunch."


Feed You can follow this conversation by subscribing to the comment feed for this post.


Takeaway #3: "Perhaps more alarming for the military, similar patterns of movement appear to possibly identify stations or airstrips in locations where the United States is not known to have such operations, as well as their supply and logistics routes. Analysts noted that with Strava’s interface, it is relatively easy to identify the movements of individual soldiers not just abroad but also when they are back at home, especially if combined with other public or social media data."

Takeaway #4: "... the Strava debacle underscores a crucial misconception at the heart of the system of privacy protection in the United States. The privacy of data cannot be managed person-by-person through a system of individualized informed consent. Data privacy is not like a consumer good, where you click “I accept” and all is well. Data privacy is more like air quality or safe drinking water, a public good that cannot be effectively regulated by trusting in the wisdom of millions of individual choices. A more collective response is needed..."


And perhaps most importantly -- takeaway #5:

@zeynep 7h7 hours ago With enough data, all data is "personally-identifiable" data. With enough data, machine learning can suss out undisclosed traits. When combined, data can reveal things beyond anyone imagined. Informed consent is not a workable model—let alone "click accept" tiny font legalese.


The comments to this entry are closed.