At the end of January, an analyist discovered that location data from the fitness app Strava was exposing US military bases. Publicly-available heatmaps were revealing details about the military's installations abroad, which riled up both privacy experts and the Pentagon. Over a month later, the app's company told Reuters that it will overhaul its heatmap and restrict access to street-level details to anyone who isn't a registered user.
Strava rushed to clearly outline what info users are sharing and how they can change their settings. At the beginning of March, the company simplified its opting-out process for the heat map. But the new changes shift the map itself: Roads and trails with very little activity won't show up until enough users submit workouts in the area, and the map will be refreshed monthly to wipe off data that people make private.
Prior to the outcry, soldiers in US bases across the world were casually sharing their workout paths, which combined with others to reveal well-trafficked routes on military installations. Strava CEO James Quarles told Reuters that the company didn't expect that worldwide users would find sensitive info through the app since users voluntarily share their fitness data. He also assured that the company doesn't track people without their knowledge.