Last month, a recent investigation by French newspaper Le Monde uncovered significant privacy risks involving high-ranking government officials' location through their use of the fitness tracking application Strava.
The investigation revealed that the movements of multiple world leaders—including U.S. President Joe Biden and President Donald Trump—can be tracked through their security personnel's use of the popular fitness platform via location data displayed on public profiles within the app.
Strava, which has 120 million users worldwide, allows individuals to record and share their exercise activities, including running and cycling routes. The investigation identified a staggering 26 U.S. Secret Service agents, 12 members of French President Emmanuel Macron's security team (GSPR), and 6 members of Russian President Vladimir Putin's Federal Protection Service (FSO) maintaining public profiles on the platform.
Cybersecurity Implications
The investigation exposed multiple ways that Strava's public profile system could compromise high-level security operations. Through the platform's activity feed and route mapping features, users can access detailed GPS coordinates and timestamps of any public profile's recorded activities. This enabled investigators to identify precise locations of security personnel during protection assignments, including a U.S. Secret Service agent's running route that revealed President Biden's location prior to his diplomatic summit with Chinese President Xi Jinping in San Francisco in 2023.
This also allowed investigators to reconstruct protection patterns during sensitive periods, including the weeks following recent assassination attempts on President Trump.
We also want to highlight Strava's "FlyBy" feature, which allows users to see other athletes who were active in the same area during a specific time window. This functionality effectively creates a secondary verification method for confirming security personnel locations, as multiple agents' activities often cluster around protected individuals.
Official Responses
The U.S. Secret Service has issued a statement indicating that while agents are prohibited from using personal electronic devices during protective assignments, they are permitted to use social media while off-duty.
French President Macron's office responded by issuing a directive to security personnel to cease using the application, though they maintain that the security implications were minimal. They emphasized that local authorities are always aware of presidential movements and that secure locations are thoroughly vetted.
Shady Strava
This is not the first time Strava has raised security concerns. The Pentagon previously identified risks associated with military personnel using the app, citing concerns about the exposure of classified installation locations through user activity data.
Perhaps more disturbing is the fact that security experts have emphasized that the vulnerability in Strava extends beyond immediate location tracking, as the accumulated data could be used for pattern analysis and future targeting of high profile public figures.
In other words, apps like Strava are designed to track you, as you are the product. It is also a classic example of surveillance as a service that has become commonplace in mainstream apps.
If you want to avoid having every move you make be documented by invasive Big Tech apps, we recommend a degoogled smartphone with an open source OS like GrapheneOS and Above Phone. These innovative tools will make sure that you won’t be publicly displaying your location for data brokers and cyber criminals to easily prey on.
Even more specifically, if you are looking for a fitness app that genuinely respects your privacy we recommend the open source alternative OpenTracks, which will allow you to track your sport and outdoor activities with peace of mind.
Archived Sources
Pentagon restricts use of fitness trackers, other devices
https://archive.ph/1mfot
Xi Jinping Arrives in San Francisco for China-U.S. Summit Meeting and the 30th APEC Economic Leaders' Meeting
https://archive.is/CQwRf#selection-309.0-309.109
Fitness app Strava gives away location of Biden, Trump and other leaders, French newspaper says
https://archive.is/Xopbm
Strava-using Secret Service agents inadvertently tipoff fitness app users to movements of Trump, Biden and Harris
https://archive.is/X2bFl
Strava Labs FlyByhttps://labs.strava.com/flyby/viewer/
Rise Above, with Above Phone
https://abovephone.com/
This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit
tbot.substack.com/subscribe
