Be careful with what kind of data you store your fitness tracker
A few months ago, it was discovered that through the fitness application Strava, it was easy to access information about the location and fitness activities of US soldiers stationed in military bases around the world.
But, apparently, the American soldiers did not learn the lesson. Recently it has been announced that Polar Flow does the same. That is, it was too easy to get even more data that are significant for all users of the application, such as the number of heartbeats, the address of living and practically all the data related to the individual user profile.
The Dutch newspaper De Correspondent and the online portal for citizen journalism Bellingcat publish the information. They very easily reached the data for over 6,000 users of the popular manufacturer of equipment for tracking sports activities Polar (through their application Polar Flow).
Polar made more data available for each user compared to FRAUD. Also, access to that data was simpler than in the case of FRAUD.
Bellingcat describes the whole process in the following way:
Keeping track of all this information is very simple: find a military base, select an exercise posted there to identify the appropriate profile and see in other places that person has been practicing. People tend to turn on / off fitness trackers when they leave or enter their homes, hence they unwittingly mark their homes on the map. Users often use their full names, accompanied by a profile picture in their profiles.
What the above passage says is that the users were too liberal in publishing personal information. After the Fear Scandal, it is amazing how the US military again allowed the same mistake.
However, public reactions have already been fruitful. Polar has removed the “Explore” option, which enabled each user to get data on the activities of another user from 2014 onwards. The Dutch Ministry of Defense again banned the installation of fitness applications on official mobile devices. A smart move.
As before with Fear, in this case, valuable lessons can be learned. We are never 100% safe when it comes to the privacy of our data online. It is always useful to check which data we give to the applications we use, and how they use our data.