In some cases where the data is sparse, you can find where individual people live, because the trails sometimes lead back to a starting point. Like this person who runs around the park regularly. Of course you could also just follow them IRL if you were there, so I'm not sure this is a big deal.
So one of the reasons they publish the heat map is that it is a great tool for trail and route discovery. Look at an area where you haven't been before and activities pop right out. Many Strava users are using it this way.
So the concerns of people that need privacy are being balanced against that. Are the 2 options of either not using the activity tracking app or activitating the privacy setting not sufficient for people with safety concerns regarding their location?
Strava could easily make this opt in, or they could filter spots where there are only a few people using it. There are a ton of in between options, this data is not a yes or no scenario.
That seems like the best option: multiple users whose activity patterns aren’t highly similar (i.e. couples who run together) and blur start / end points which aren’t used by many people at different times.
Strava already has an option to mask your starting location. It tracks it from your house, but the public data hides a certain radius around your start and finish locations
I already use this feature but I can reliably find my driveway on the heatmap so either a) they aggregate everything into the heatmap regardless of the privacy sphere or b) it's from my friends visiting, picking me up, etc.
Either way, there's a very clear route that leaves the road at my house and follows my driveway. It doesn't take much effort to find many, many more examples of this throughout the heatmap.
The problem is that it’s not available in the mobile apps and fairly well hidden on the website. For a big public data dump it seems like a reasonable precaution to assume many users aren’t aware of that feature.
They want the UX to be opt in. Or more opt in anyway, that the data ends up on a server is reasonably clear, so just using Strava involves a fair amount of opting in to begin with.
I don't think I have strong feelings about it. I can see the point of something as severe as a data protection law that would require the app to explicitly ask for permission to share every activity (with options like "store to cloud" and "store to cloud, share data publicly"). On the other hand I'm not really bothered by the "don't use Strava" method of opting out of their data collection.
Look at an area where you haven't been before and activities pop right out.
Sometimes locals keep trails secret because having a ton of people on them would destroy them. I've been on both sides of that dilemma, but I don't think looking for trails on a heatmap is a good answer.
This is actually an existing Strava feature called Privacy Zones[1]. It doesn't explicitly say that setting up a Privacy Zone will render activities which exist entirely within those zones private or that the Global Heatmap respects privacy zones but those are reasonable assumptions.
You’d have to cache an available copy, wait for updated data, and then compare the two, to produce a diff. I’d imagine (or hope) there’s a process behind the scenes that slows down and selectively fragments the availability of new data, so that such diffs are too coarse to be revealing. Annual updates, staggered by decoupled groupings, being an ideal strategy.
In general though, just knowing that an event has ever occurred thanks to the map, circadian rhythms often take care of the rest, since it’s a map of (mostly recreational) human activity.
If you start and stop your run going different directions it's not too hard to figure out the central point between them, but if you start/stop from the same direction then it's not clear what the "middle" of the circle would be because the radius of the circle is configurable and unknown to viewers.
To expand on this, it takes three points to identify a circle, so you'd need to leave home and return from three different roads (at least at the intersection with the circle).
You can still potentially make useful inferences without 3 points. For instance, imagine the configuration where there is a single straight road that leads to your home (center of the privacy circle) - you can just extend the line where the GPS tracks for 5/8 mile (the biggest privacy setting) and infer the location of the home. Similarly, if you have 2 straight GPS tracks leading to your home, you can infer both the center and the radius of the privacy zone.
You may not get the exact street address, but you could definitely figure the block or the street. Maybe not super useful in a dense city, but that could leak quite a bit about you if you live in a suburb or rural area.
They’re also what 99% of their users use so they really meed to have feature parity on important things like privacy, especially given how trivial this would be (“fuzz n meters from my current location”).
Interestingly, this feature is one of the first I recall using on Android maybe 8 years ago. It was very visible and easy to turn on... Not sure why they made it harder to discover. Or have they removed it?
They do offer manual route trimming from both ends, too. I've found this useful mostly when I forget to turn off my watch after running.
I’d believe it needed work after a major rewrite and is still in someone’s backlog. They seem to have a fairly small dev team - probably busy with device support & other time-sinks.
I wish they had a way to do an auto-trim so my bike rides didn’t include GPS bounce leaving the building. CommuteMarker.com had auto-tagging for Strava rides but not auto-trimming last time I looked.
If you go to the Privacy section of the iOS app it's mentioned at the bottom with a link to the webpage ("Further customise your privacy..."). Not ideal you can't do it from within the app though.
They do have the counter pressure of not losing users or inspiring government action. I’m not sure how this plays, for example, with the EU data protection laws but I’d bet there are some smart lawyers looking at this.
Strava apps are not perfect; they have a lot of settings in weird places. To sync with an ANT+ or Bluetooth sensor on Android you have to actually start recording an activity, and then press the small "settings" button in that page. Those settings are different than the ones in the main "settings". And then you add your HR sensor, record heartrate data for your workout and at the end you find that if you want it displayed in the app you have to pay :).
I'd be curious if you're able to set up large privacy zones for the sensitive area case.
For instance, if I set a privacy zone centered on my house (or my military base) with a radius of 100 miles and all of my running activities are contained within that privacy zone are those runs automatically marked private? If I never run across the boundary then there's no issue of inadvertently exposing the privacy zone center point. Would Strava hide the GPS information but allow my run stats to accumulate? I don't think the feature is quite there yet but it could be close.
There is an alley in my neighborhood where a single line is super dark and turns into a single house. I'm not sure how useful that is but I'd still rather not have that line if it were my house.
> I'd still rather not have that line if it were my house.
Why? It indicates someone lives in the house. Pretty safe assumption without Strava.
The problem created by Strava (and other apps) is that people list their very expensive bike in their profile, then ride that bike to and from their house. Supposedly, thieves target users that way[1]. But the heat map does not provide that info, or link back to the rider/runner.
I'd say people with a GPS fitness tracker are much more likely to have small fenceable items that drug users (who burgle to feed their habit) are usually looking for. If you're after a good car, then they're probably good marks too - crossmatch with low populationin density FTW.
the flip side of that is that a GPS tracker is probably a better indicator still of "willingness to fight off an intruder or pursue an opportunist thieving items from a garden", especially in countries where normal people don't use firearms. Basic local knowledge probably gives you a better idea of which streets have the best cars - which are obviously usually visible when available to steal - and most fence-able items.
Even non-supervised iPhones can be set up with "Restrictions" where location services are disabled locked behind a passphrase. Surely an iPhone in supervised mode offers similar restrictions in any enterprisey MDM solution.
You can just opt out of the apps as well? I don't have either of those. I don't use Google Fit (or whatever that broken thing is called these days).
True, my phone can track my position and steps etc. - but I made every effort to opt out of bullshit and to not opt in into worse things (aka .. Strava etc.).
A phone is problematic these days. But I do believe that it mostly does what you want it to. People just love to share their lives online?
That's ... honestly a bit disappointing. While I personally believe that the leaking of military location data is almost entirely the military's problem/fault, I feel that this could have been avoided with a minimal bit of forethought by the Strava team. It's not their job to protect military secrets or keep track if some of the data that's sent to them may be connected to a military secret or not. They are, however, responsible for the individual privacy of their own users/customers.
I am reminded of the Dutch "first name database". It's a neat little website showing data (collected by the government/administrative/statistics dept). You can look up any first name in the Netherlands (17M ppl, FYI) and see how many people share this name. You can also see historical data how usage of the first name tracks through time.
AND, this is the crucial bit, you can also see a nice heat map of the geographical distribution for this first name, per municipality.
HOWEVER, and this is where it gets relevant to Strava. They simply won't show the geographical distribution heat map for names that are very rare. If a first name is not nationally rare, but it is in a certain municipality, they will also round it down to zero. Finally, if there's only 5 or less people in NL with that name they won't even show the full total (regardless of location).
Strava could, and IMHO should have done that for regions where only a single (or just a few) individual accounts run a track.
> Of course you could also just follow them IRL if you were there, so I'm not sure this is a big deal.
Yes. But in that case, the person being followed can tell that they are being followed. A spy (MI6/CIA/etc) might be able to follow a target without being seen, but an jilted lover would probably not. So the victim is aware that they are being observed, and by who.
In this case, the victim cannot see who is looking at the track, and cannot take evasive actions.
What have you actually learned? That somebody you don't know anything else about lives in that house? Presumably, you could have assumed that somebody you know nothing else about lives in that house. Somebody you don't know anything else about lives in every house.
I actually share your intuition that this is somehow terribly revealing, but I think this is a broken intuition that needs to be updated for a more technological age.
https://labs.strava.com/heatmap/#14.20/100.20693/40.99133/ho...