the home of online investigations

How to Use and Interpret Data from Strava’s Activity Map

January 29, 2018

By Aric Toler

Translations: Русский

Recently, the fitness app Strava published a “heatmap” of trillion of data points visualizing the information of users who submitted or synchronized their fitness activity to their servers. This data includes both fitness information recorded directly on the fitness app and data synchronized with the app from a number of physical fitness trackers, such as a Fitbit.

The purpose of this heatmap was to show the most active areas for Strava users, including paths for jogging or cycling. However, the heatmap also visualized the data of individual users. In other words, the path of millions of jogs in Central Park in New York City are visualized on the map, but the patrol path of a single soldier on a military base, assuming he or she was recording data on the Strava app, is also present.

Nathan Ruser was the first person to notice the potential use of the Strava heatmap to identity military sites.

As The Verge wrote, you can already find most of these military sites with satellite imagery, but the heatmap reveals human activity, such as “how people are moving along those areas, and how frequently, a potential security threat to personnel.” As Jeffrey Lewis noted, the data held by Strava, both in its heatmap and elsewhere in its databases, is invaluable.

However, the map alone is sometimes inadequate to provide useful analysis. In this guide, we will outline some of the complementary methods and tools to analyze the unusual data you may find on the Strava heatmap, and a consideration of some of the limits of the recorded activity.

Limits and considerations of Strava’s data

Since Nathan’s tweet, a number of interesting findings from this heatmap have been shared on Twitter, mostly related to secret military and detention sites. However, these locations are far more often open secrets rather than actual secrets, as local reports have revealed the presence of most, if not all, of these “secret” locations. For example, Jeffrey Lewis wrote for the Daily Beast how the Strava heatmap shows the location of a missile command headquarters in Taiwan. Though personnel at this base would cringe at the idea that possible patrol routes are visible on the heatmap, the location of the headquarters itself has long been an open secret after local reporters investigated faux-delivery trucks transporting missiles.

Additionally, the information visualized in the heatmap is largely, though not entirely, restricted to the activity of particular countries. For example, Nathan Ruser found a series of forward operating bases (FOBs) in Afghanistan, likely manned by American and NATO Coalition soldiers.

Even in relatively small American bases, we can find activity on the Strava heatmap. However, when examining one of the largest Russian military camps on the Ukrainian border, the Kuzminsky firing range, we can find only a small amount of activity, despite the fact that thousands of Russian soldiers have moved through this location over the past three years (click for full size of visual below).

When searching for geotagged photographs on particular social networks, we will find far more activity in the post-Soviet space for Vkontakte, and more posts in the United States for the Foursquare service. This heatmap works in a similar fashion, where we will find a disproportional amount of activity on the Strava heatmap with, for example, Americans rather than Russians.

How to interpret heatmap activity

Cross-reference with historical satellite imagery

The majority of discoveries surrounding the Strava heatmap have been military locations, due to the presence of American and other Western soldiers in a number of Middle Eastern and South Asian states with large swaths of depopulated area. Though obviously, not all of the activity in these military locations is necessarily from Western military personnel. For example, @LostWeapons identified Strava activity in Aden, Yemen, where the UAE has deployed Patriot missile systems, as Chris Biggers reported in January 2017.

Finding this site is easy when looking around Yemen, as this reported Patriot missile site is the only place in Aden with any noticeable Strava activity.

Once we located a potentially interesting site on Strava, we should cross-reference the site with the historical imagery on Google Earth. Doing so for this location in Aden shows rapid construction since 2014.

Reported missile site in Aden, Yemen in 2014 (left) and 2017 (right)

Cross-reference with Wikimapia

Wikimapia is also an excellent, though not always completely reliable, tool to cross-reference sites that light up on the heatmap. The descriptions of locations in Wikimapia are user-generated, including from a number of active open source investigators. However, due to the user-generated nature of the system, the information provided for particular locations should be cross-checked with other sources of information.

We can use Wikipedia to identify an unusual location in Syria that resembles an oasis of Strava activity.

If we cross-reference this spot with Wikimapia, we see that it is apparently an oil well with a nearby gas pipeline, meaning that one or more people with their Strava data tracking enabled apparently took a regular jogging or patrol path along the roads near the wells and pipeline.

Spoofed locations

We should keep in mind that not every data point in the heatmap is accurate, as GPS activity can easily be spoofed, and users can intentionally falsify data to their liking. The clearest example of this is by looking at the activity of the GPS coordinates  0.000, 0.000, in the Atlantic Ocean due south of Ghana. It is extremely unlikely that there has ever been genuine Strava activity from this spot, but GPS coordinates can be spoofed to a particular location either by state actors or individuals. For example, GPS coordinates near the Kremlin have been reported to be spoofed to the Vnukovo Airport. With this location at coordinates that are so easy to input, it is no surprise that there is an island of activity in the middle of the ocean.

Don’t jump to conclusions

But not every instance of Strava activity in the desert is from mysterious military activity. At first, this strange geometrical pattern in the desert of Nevada seems like it could be a secret nuclear missile site or underground base that is modeled after the Pentagon.

The answer is much less sinister — it’s the Burning Man festival, where thousands of people who likely have Fitbits or other fitness trackers visit a temporary city that is created each year in the remote Nevada desert.

Conclusion

In the coming weeks, there will be additional findings from both open source investigators and professional journalists in sensitive locations around the world. For example, Pulitzer Prize-winning journalist Charlie Savage has already updated his previous research into Camp 7 of the Guantanamo Bay prison using Strava’s heatmap. Bellingcat will continue to publish information on many of these findings, with an eye on methods to utilize Strava heatmap, and also assisting in crowdsourcing the analysis of particularly mysterious locations with unusual activity.

If you have any additional tips on using the Strava data, or discovered any pitfalls for faulty analysis, please leave ideas in the comments, or send them to use via Twitter or Facebook and we will add them to this post, with proper credit.

Aric Toler

Aric Toler has been an employee at Bellingcat since 2015. Some of his focuses are in verification of Russian media, the conflict in eastern Ukraine, Russian influence in the American/European far-right, and the ongoing investigation into MH17. Have a question, want to bounce a story idea, or want to write for Bellingcat? Email me at arictoler@bellingcat.com

Join the Bellingcat Mailing List:

Enter your email address to receive a weekly digest of Bellingcat posts, links to open source research articles, and more.

7 Comments

  1. Euan

    You can’t be sure how old some of the data is. If you see a track of someone, for example, running along a sensitive part of the Ukrainian-Russian border, or the front line in Donetsk or Luhansk oblasts, you can’t say if it was a soldier or a membe of the peacetime public. Don’t jump to conclusions.

    Reply
  2. Tourist

    It’s really interesting to examine this map as it answers a lot of questions conventional maps can’t do. For example the question, what is the most reliable and shortest route to drive from Turkey to India, or from India to Malaysia. You can even track boat trips for tourists for dolphin watching at the north coast of Bali and such things. And you can find a few trips inside North Korea.

    Reply
  3. Davdberg

    Could it be that the strava heat in the ocean is from someone active on a ship?
    Which would not register on GE satelite imagery unless exactly matched on the time & day of the tracking?

    Reply
  4. Rusty

    North Korea: there’s an interesting bike route mapped from South Korea to almost Pyongyang – smugglers? Escape route? Aid workers? Dennis Rodman on tour?

    Did the tracking device give up just outside of Pyongyang or did the user realize they were giving away privacy data?

    Reply

Leave a Reply to Davdberg

  • (will not be published)