Polar fitness app leaks military personnel locations

Polar’s fitness app made it dangerously easy to track soldiers and secret agents worldwide

Polar’s popular fitness app inadvertently revealed military personnel’s addresses

An investigation between the citizen journalism site Bellingcat and Dutch journalism platform De Correspondent found the shared information also contains the names and addresses of users, including military personnel.

The researchers have also probed other fitness tracking apps like Endomondo, Runkeeper and Strava (which was earlier this year found revealing patterns of life in military bases and secret sites).

In a statement sent by Polar chief strategy officer Marco Suvilaakso, the company said it "recently learned that public location data shared by customers via the Explore feature in Flow could provide insight into potentially sensitive locations".

Just six months after competing fitness tracking company Strava came under fire for revealing the location of U.S. military bases, Finnish wearable company Polar has experienced similar privacy concerns and has suspended its "Explore" service as a result.

The app, developed by Finnish software firm Polar, allows anyone to access location maps in order to track users' fitness activities.

We can find Western military personnel in Afghanistan through the Polar site.

With the USA military continuing to review its rules on using wearable devices for its personnel in light of both Strava and Polar revelations, the fitness tracker industry will also have to look at things they can do to protect not just these military personnel but also the privacy of normal individuals.

Meghan stuns at garden party with Prince Harry in Dublin
The Duke and Duchess of Sussex began their first official worldwide visit together when they arrived in Ireland on Tuesday. Harry and Meghan later joined royals at a Buckingham Palace reception to mark the centenary of the Royal Air Force.

Similar to Strava, Polar is showing an individual's activity - their route, date, time, etc - on the map, and then adds even more information potentially revealing this same information about their home. Postma does mention that since Bellingcat's investigation into the matter, Polar has temporarily suspended its Explore feature and is now problem-solving to come up with ways to combat these security issues. The report suggests that people generally tend to switch on/ off their fitness trackers while entering or exiting their homes.

Polar, like many other fitness apps, lets users log a map of their run.

The shutdown should be welcomed, but the company has squarely pointed the finger at its users, noting that "the vast majority of Polar customers maintain the default private profiles and private sessions data settings, and are not affected in any way by this case".

What this is actually saying is that users have the option to mark their data as private via the user profile page in the app. Marking it private will also prevent the service from sharing information to third-party apps such as Facebook.

"As always, check your app-permissions, try to anonymize your online presence, and, if you still insist on tracking your activities, start and end sessions in a public space, not at your front door".

Given that this would make it spectacularly easy to kidnap these people or even blow them up, it's not surprising that Polar has taken evasive action.

Latest News