What do international summits, assassination threats, and a cheeky run around a hotel block have in common? Apparently, Strava. The popular fitness app, beloved by runners and cyclists alike, is now at the centre of an international security controversy.
An investigation by Le Monde has revealed that the highly confidential movements of world leaders, including U.S. President Joe Biden, Donald Trump, Kamala Harris, Emmanuel Macron, Vladimir Putin, and even Sweden’s Prime Minister and royal family, can be traced online, thanks to their bodyguards’ fitness habits.
In an age where even your vacuum cleaner spies on you, the revelation that security agents were oversharing their locations through a jogging app is both absurd and alarming. The digital breadcrumbs, left in the form of public Strava activity, have unintentionally mapped out secret meetings, holiday hideaways, and even routes near military bases. And all this from a bunch of security professionals who are supposed to remain invisible.
How Strava Turned Into A Spy Tool
Strava, with over 120 million users globally, functions like a digital fitness diary, logging the routes, timings, and details of workouts. While this may seem harmless for everyday users, it becomes a national security risk when those uploading are part of elite protection agencies. Le Monde’s investigation identified 26 U.S. Secret Service agents, 12 officers from France’s GSPR, and six Russian FSO personnel with public Strava profiles. Some even used their full names, making them incredibly easy to trace.
Cybersecurity expert Dr Ibrahim Baggili of Louisiana State University flagged the concern bluntly: “Companies love our data, and we love their products, so we give away the data for free.” The problem?
Once uploaded, this data is often stored, analysed, and occasionally sold. Baggili’s own research warns of how such platforms can aid stalking, robbery, and espionage. When a pre-summit warm-up jog reveals world leaders’ schedules, the line between fitness and foolishness blurs dangerously.
The Road To Strava
Strava was born in 2009, founded by Michael Horvath and Mark Gainey, two Harvard rowers who wanted to create a digital locker room where athletes could relive, compare, and share their training sessions. The name itself is Swedish for “strive”, which makes the Swedish security breach deliciously ironic. It began as a simple GPS tracker for cyclists and quickly evolved into a social media platform for athletes, hobbyists, and overzealous bodyguards alike.
Over the years, Strava’s sleek design and competitive features like segment challenges, leaderboards, and monthly mileage badges have turned exercise into a gamified experience. In 2017, the company hit a milestone with its Global Heatmap, visualising over 3 trillion GPS data points from users worldwide.
That was also when the app first attracted controversy: the map accidentally revealed classified military bases, as soldiers stationed in remote areas unknowingly uploaded their patrols. Apparently, a thirst for validation doesn’t stop at the barracks.
San Francisco Snafu
The U.S. Secret Service insists that its protocols weren’t compromised. Still, Le Monde uncovered a telling example: a Secret Service agent went for a jog using Strava just hours before President Biden arrived at a San Francisco hotel to meet Chinese President Xi Jinping in 2023. The route clearly indicated the location of the hotel, well before Biden arrived. That’s not just a fitness routine; that’s a Google Map for anyone with ill intent.
In their defence, the Secret Service said agents are prohibited from using personal devices on duty, but not during personal time. “We will review this information to determine if additional guidance is required,” a spokesperson stated, according to The New York Times.
Given that the then-serving President Trump survived two assassination attempts and political tensions are at a boiling point, yet no changes to policy have been announced.
From Private Retreat To Public Record
Emmanuel Macron’s 2021 seaside escape to Honfleur, Normandy, was supposed to be hush-hush. No official agenda, no media coverage. Yet Strava told a different story. By tracking his bodyguards’ movements, Le Monde was able to reconstruct the President’s exact whereabouts for the weekend.
When asked about the security breach, Macron’s office nonchalantly responded, “The consequences are very slight.” A reminder was issued to staff not to use the app, presumably followed by a very French shrug.
France’s GSPR agents are not random rookies; they are elite protectors. That their digital breadcrumbs could reveal their leader’s location raises serious concerns. While Macron’s life may not have been endangered this time, it’s a stark reminder that digital footprints, once made, are almost impossible to erase.
Putin’s People, Same Problem
Even Vladimir Putin, a man whose security bubble is tighter than a submarine hatch, wasn’t spared. Six members of Russia’s Federal Protection Service (FSO) were also caught sharing their locations on Strava. Considering Russia’s current global positioning (diplomatically and geographically), this is akin to a bear carelessly tweeting its GPS coordinates during hibernation.
Though no specific incidents involving Putin’s own travels were confirmed, the vulnerability remains. Russia has ramped up its digital surveillance infrastructure in recent years, often at the cost of citizen privacy. The irony now is that its own protectors may be endangering top-tier security through Western fitness apps. Orwell would be proud, if not deeply amused.
Sweden’s Security Circus
Leave it to the Swedes to add scenic views to a security breach. Swedish newspaper Dagens Nyheter tracked over 1,400 workouts from just seven bodyguards protecting Sweden’s royal family and Prime Minister Ulf Kristersson.
The logs included workouts near Ukraine’s border, a military base in Mali, and a previously unreported high-level meeting in Norway. Even the Prime Minister’s home address was exposed, thanks to his guards’ jogging routes.
One bodyguard’s Tel Aviv beach run even matched the timing of an unannounced visit by Jimmie Akesson, the leader of Sweden’s far-right Sweden Democrats. While the Prime Minister’s office declined to comment, Sweden’s security police did confirm the data linked back to their own staff. Let this be a reminder: when a fitness app knows more than your intelligence agency, you might want to start stretching your cybersecurity protocols instead.
Also Read: Are Indian Tourists Being Allegedly Tricked Into Joining The Russian Military?
Illusion Of Privacy
While most governments have attempted some form of cybersecurity regulation, fitness apps often fall into a grey area. They’re not traditionally considered “risky” software, and users rarely read the privacy terms. Once data is shared, it can be stored indefinitely, sold to third parties, or leaked in a breach. In 2018, Strava’s global heatmap even accidentally revealed military bases in Afghanistan and Syria.
The European Union’s General Data Protection Regulation (GDPR) provides some safeguards, but experts like Dr Baggili insist it’s not enough. “The government needs to start cracking down on how data is used and how long it can be retained,” he said. Otherwise, we’re just one fitness craze away from a full-blown international incident.
The Cost Of A Run Is Now Measured In Compromised Secrets
This saga is less about the foolishness of a few bodyguards and more about systemic negligence. When the tools of digital convenience intersect with high-level security, the consequences aren’t merely theoretical. From Biden to Macron, and Putin to Kristersson, leaders across the globe have been exposed, sometimes literally, by their protectors’ love of cardio.
The whole episode is a wake-up call not just for intelligence agencies but for us all. If the world’s best-protected individuals can be tracked because someone fancied a jog, perhaps it’s time to reconsider what apps we trust with our data.
Next time your phone asks for location permission, remember: privacy isn’t a setting, it’s a privilege we keep giving away, one tap at a time.
Images: Google Images
Sources: The Guardian, The Hindu, FirstPost
Find the blogger: Katyayani Joshi
This post is tagged under: world leaders, bodyguards on Strava, cybersecurity breach, Secret Service leak, Macron security, Putin bodyguards, Biden Strava, fitness app data risk, digital privacy, tech regulation, cybersecurity satire, surveillance capitalism
Disclaimer: We do not hold any rights, copyright over any of the images used; these have been taken from Google. In case of credits or removal, the owner may kindly email us.
Other Recommendations
Your Smartphones Will Soon Be Redundant And Replaced By This Latest Tech
