MyBESTRuns
Upcoming Races Latest Results Find A Race Race Calendar Running News Daily Weekly Top Ten

Study Finds That Strava’s Heatmap Feature May Be Used to Reveal Home Addresses

Researchers found that they could predict user locations with roughly 37.5 percent accuracy.

Sharing your routes with friends and followers is a beloved practice by Strava users. But in recent years, the app’s location settings have been called into question as a potential security threat to runners everywhere. Recently, researchers at North Carolina State University took a closer look at privacy issues in the app.

In 2015, Strava introduced a feature called “heatmap” that aggregated data from the runners, cyclists, and hikers who relied on the app to trace their routes and track their stats. Heatmap allowed users to discover popular trails, meet friends, and complete their workouts in safer, more well-trafficked locations. 

However, the researchers found that the heatmap feature may have unintentionally created a tool for tracking and de-anonymizing users if the map data is combined with specific user metadata. 

To test their theory, NCSU researchers ran an impressively geeky test that involved collecting data from heatmaps in Arkansas, Ohio, and North Carolina over the course of a month. They then analyzed the heatmap images, overlaid images from OpenStreetMaps (a free geographic database), and pulled available user location data. In the end, their study indicated that finding users’ home addresses is possible on heatmap, especially given that so many users provide their full names and profile images on the app. 

By correlating their findings with voter registration data, the researchers also discovered that their location predictions were roughly 37.5 percent accurate. “A more active user produces more heat on the Strava heatmap and therefore is more easily identified,” said the study authors. They also noted that users living in densely populated or unpopulated areas would be the most difficult to track. 

As the researchers point out, there are many ways for Strava to make heatmap safer. For example, Strava could allow users to set privacy zones near their homes. 

For now, if heatmaps concern you, ensure you’re not starting your Strava app until you’re a little way home or disable the feature entirely in your app settings. Making your account private and refraining from including your location in your profile can also bolster security. 

As of now, Strava hasn’t commented on the study findings. 

posted Sunday October 8th
by Runner’s World