The Internet of Unintended Consequences

A few weeks ago it came out that in November of 2017, fitness tracking company Strava released a heat map of where its users have logged activity around the world. The map is a pretty nifty picture of where people like to exercise, but it included some data that the U.S. Military would probably rather not have out there on the public Internet: the location (based on activity levels) of U.S. service members around the world. This included military bases in quite a few hot spots.

How did this information get out there? Some folks opened up the map and scrolled around looking to see if they found anything useful. It turns out that isolated outposts light up like a Christmas tree when the only people for miles around are service members out on patrol or running laps around their base.

Not only can a map like this pinpoint the exact locations of certain installations of which the exact coordinates aren’t public knowledge, but it also shows where troops are exercising off-base, which could make it easier to ambush anyone out on a run.


In this Internet of Things, we find ourselves connected in ways that our great-grandparents could never have imagined. Although my own grandmother has suggested that I use Find My Friends on my iPhone because we weren’t sure when my husband would get back from the store. But I digress.

Mostly this interconnectedness is pretty exciting. But how many of us really stop and think about the data that’s being collected about us? And how that data is being used? Even something as innocuous as how many steps you took in a day can have unintended consequences. Especially when aggregated together with everyone else who’s sharing their step count with the world.

See related  The Security Minefield Of The Internet Of Things: Protecting Your Connected Devices

It’s also important to remember that when you use a free app like Strava (or any of the other activity apps, which I’m sure all mine our data), you’re not purchasing a product from them. And we all know what that means. We’re the product. It’s very likely that someone is mining your data, and then selling it off.

I’m not saying throw out your fitness tracker. Personally, I happen to like my fitness tracker quite a bit. I am, however, saying that you should be in the habit of checking your privacy settings. A lot of people will say “who cares if anyone knows how many steps I took? I’m not embarrassed about my couch time.” But, as we see from this story, we don’t always know how our data is being used. It might seem like it’s just your step count. But folks using big data can infer an awful lot from our daily habits.

ABC – Always Be Checking (your privacy settings)

Image via Strava Heat Map