in Link Post

Strava’s Heatmap Data isn’t Really Anonymous


Matt Burgess:

By uploading an altered GPS file, it’s possible to de-anonymise the company’s data and show exactly who was exercising inside the walls of some of the world’s most top-secret facilities. Once someone makes a data request for a specific geographic location – a nuclear weapons facility, for example – it’s possible to view the names, running speeds, running routes and heart rate

It doesn’t necessarily seem like it on the surface, but this feels like a pretty big cultural issue to me. Even a well meaning company can accidentally expose your data in ways you really wouldn’t want. Surveillance is becoming more or less a fact of life. We think about it coming from governments. Increasingly we’re aware of it from online advertising companies. But we should probably be thinking about it coming from just about any company which has any sort of data about us.

Not surprisingly, XKCD more or less predicated this back in 2009.