Re How the Spies Learned to Stop Worrying and Love Fitbit

["Dave Farber" <farber () gmail com>]

Begin forwarded message:

> From: L Jean Camp <ljeanc () gmail com>
> Date: February 4, 2018 at 5:30:13 PM EST
> To: Dave Farber <dave () farber net>
> Subject: Re: [IP] Re How the Spies Learned to Stop Worrying and Love Fitbit
> Reply-To: ljeanc () gmail com
>
> I went through the settings to see how to make Strava use private. This is what I read.
>
> To prevent your data being shared by Strava, require seven options on at least three screens, plus the initial 
> "Choose Enhanced Privacy". But   "Choose Enhanced Privacy is just a start. 
>
> Hide Activities From Leaderboards, 
>  Change your FlyBy Options 
>
> without those turned off, even with enhanced privacy on, you will still sometimes post your photo, name & run 
> publicly, and will do so based on the activities of others. Particularly if there are only a few people running a 
> route (*small base cough cough*) so that there is an isolated local Leaderboard.
>
> Then there is another screen....
> ON Privacy Zones 
> OFF Training Log Sharing 
> OFF Strava Metro & Heatmap Data Sharing 
>
>  after you have turned everything else *off* you need the following *on* or your data will be shared with PII as part 
> of the group.
>  ON Enable Group Activity Enhanced Privacy, 
>
> ON Followers & Block Athletes
>  "one you've blocked will be able to see your activity entry in public areas like segment leaderboards, club feeds, 
> and segment explore."
>
> Blocking *only* means 
> "the blocked athlete will not be able to access your activity or profile page if they click on your entry."
>
> So a very pro-stalked feature design there. You choose enhanced privacy. You block someone. Annnnd they can view your 
> "leaderboards, club feeds, and segment explore" which I believe means where you run often that others do not, when 
> you hang with your friends and when you do something new.
>
> Of course no one uses these controls correctly. The controls are scattered around, the words "blocked" and "privacy" 
> are argle bargle.
>
> Don't blame the victims!
>
> Prof. L. Jean Camp
> http://www.ljean.com
> Research Gate: https://www.researchgate.net/profile/L_Camp
> DBLP: http://dblp.uni-trier.de/pers/hd/c/Camp:L=_Jean
> SSRN: https://papers.ssrn.com/sol3/cf_dev/AbsByAuth.cfm?per_id=262477
> Scholar: https://scholar.google.com/citations?user=wJPGa2IAAAAJ
> Make a Difference 
> http://www.ieeeusa.org/policy/govfel/congfel.asp
>
> > On Fri, Feb 2, 2018 at 6:48 PM, Dave Farber <dave () farber net> wrote:
> >
> > ---------- Forwarded message ---------
> > From: Justin Maxwell <soc () code404 com>
> > Date: Fri, Feb 2, 2018 at 5:37 PM
> > Subject: Re: [IP] How the Spies Learned to Stop Worrying and Love Fitbit
> > To: dave () farber net <dave () farber net>
> > CC: ip <ip () listbox com>
> >
> >
> > Hi Dave,
> >
> > Thanks for inviting this discussion on IP. I'm an avid Strava user and almost went to work there in the early days 
> > because I love their product.
> >
> > that FP article is fantastic, I had no idea this had such a legacy. But I want to address one thing since the 
> > "careless athlete" angle is getting sensationalized:
> >
> > “I am a Strava user with sharing enabled,” one former intelligence official told FP, who described running around 
> > GCHQ, the British signals intelligence agency.
> >
> > Sure, this person was careless. But most likely weren't.
> >
> > There is a key detail that is being left out of the public conversation mostly due to headline skimming. Strava was 
> > opting people in to the global heatmap data automatically, even if they had made their activities private. This is 
> > where everything went wrong:
> > if a person was using Strava to track their fitness while stationed in a sensitive area,
> > and believed they were respecting the rules of their station by marking their activity as "private" (which prevents 
> > it from showing to others or on leaderboards)
> > That user was then unaware Strava had them "Opted-In" automatically to publish their activity data on the global 
> > heatmap
> > Strava buried that info here: https://support.strava.com/hc/en-us/articles/207343930-Privacy-Options-and-Information
> > The user had no idea their data was being leaked, as from their perspective (the information presented to them in 
> > the app's user experience & interface messaging), they had followed the rules
> > So to be clear, it was Strava who opted in their users to leak this information without considering the impact of it.
> >
> > On Feb 2 2018, at 11:37 am, Dave Farber <farber () gmail com> wrote:
> >
> >
> >
> > Begin forwarded message:
> >
> > From: Richard Forno <rforno () infowarrior org>
> > Date: February 2, 2018 at 12:28:06 PM EST
> > To: Infowarrior List <infowarrior () attrition org>
> > Cc: Dave Farber <dave () farber net>
> > Subject: How the Spies Learned to Stop Worrying and Love Fitbit
> >
> > How the Spies Learned to Stop Worrying and Love Fitbit
> >
> > The debate over whether fitness trackers should be allowed in sensitive areas has dragged on for years.
> >
> > By Jenna McLaughlin
> > | February 1, 2018, 12:38 PM
> >
> > When researchers last weekend noticed that a private company had published a global heat map of people running and 
> > walking around, based on data uploaded from its fitness application, the news sparked renewed debate in the U.S. 
> > national security community about rules governing wearable devices that transmit data.
> >
> > What wasn’t disclosed by the intelligence and military officials reacting to the news is that the debate over 
> > whether fitness trackers should be allowed in sensitive spaces, particularly in intelligence outposts, has raged on 
> > for years. And many employees did in fact gain the right to wear certain types of trackers, even in the most 
> > sensitive locations.
> >
> > However, that decision has consistently led to internal disagreement. In some cases, military and  intelligence 
> > officials have wide discretion over where and when their employees can use those devices.
> >
> > “We are aware of the potential impacts of devices that collect and report personal and locational data, such as 
> > information contained in the Strava ‘heat map’ recently reported in the press,” a current U.S. intelligence official 
> > wrote in an email to Foreign Policy. “The use of personal fitness and similar devices by individuals engaged in U.S. 
> > Government support is determined and directed by each agency and department.”
> >
> > < - >
> >
> > https://foreignpolicy.com/2018/02/01/how-the-spies-learned-to-stop-worrying-and-love-fitbit/
> > Archives  | Modify Your Subscription | Unsubscribe Now        
> >
> > Archives  | Modify Your Subscription | Unsubscribe Now        



-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/18849915-ae8fa580
Modify Your Subscription: https://www.listbox.com/member/?member_id=18849915&id_secret=18849915-aa268125
Unsubscribe Now: 
https://www.listbox.com/unsubscribe/?member_id=18849915&id_secret=18849915-32545cb4&post_id=20180204224306:AACF2B7C-0A26-11E8-BFE3-E245F0D37C66
Powered by Listbox: http://www.listbox.com