ENTERPRISE | CONSUMER PRIVACY TIPS | DATA BREACHES & ALERTS | WHITEPAPERS

Privacy Causes Pentagon to Ban Staff Geolocation Usage

Defense Department personnel are no longer allowed to use geolocation on personal electronic devices in operational areas, according to a recent announcement by the U.S. Government. The DOD is also developing guidelines to train the military on the mission risks and unintended security consequences of using geolocation features on smartphones, fitness trackers and other devices.

fitnesstracker

The decision comes after the identification of privacy vulnerabilities in fitness apps Strava and Polar which revealed sensitive information through social user maps. They allowed the tracking of military and intelligence personnel through the geolocation data.

For GPS tracking company Strava, the published Global Heat Map showed pockets of activity in warzones that were most likely military and government personnel using fitness trackers. Researchers found that individuals could even be tracked back to their home after deployment or in rotations to other military bases. The Pentagon’s review determined that the tracking could indeed reveal the location of small forward operating basis or secret / classified locations of troops.

Several months later, researchers discovered similar problems in the Polar fitness tracker, which allowed researchers to identify thousands of sensitive locations from user data.

The Pentagon memo continues to allow the use of fitness trackers and other electronic devices which can locate the user via GPS, but the geolocation capabilities must be turned off in operational areas (sensitive bases and high-risk warzones). The memo says that the devices are considered a “significant risk” to military personnel.

The appropriateness of data sharing has been a huge media and consumer issue in 2018. Although the Facebook – Cambridge Analytica scandal put this issue on the radar for many people, it is issues like this one that really drive home the need to reexamine what devices are collecting and who they are sharing it with.

This hasn’t been the only privacy issue that has cropped up from the exploding marketplace of internet of things (IoT) devices. There has also been a lot of media attention on what smart speakers are recording as well, particularly after a glitch caused a conversation of a husband and wife to be recorded and sent to one of their contacts.

Another recent issue involved a media report about the inability to erase the seller’s access to personal information collected after the resale of a connected car. Issues like these demonstrate just how much still needs to be worked out about privacy in IoT devices.

Improve Data Privacy for GDPR or CCPA with Clarip

The Clarip team and privacy management software are ready to meet your compliance automation challenges. Click here to contact us (return messages within 24 hours) or call 1-888-252-5653 to schedule a demo or speak to a member of the Clarip team.

If compliance with the California Consumer Privacy Act is your focus until 2020, ask us about our CCPA software. Handle automation of data subject access requests with our DSAR Portal, or provide the right to opt out of the sale of personal information with the consent software.

Need to improve your GDPR compliance solution? Clarip offers modular GDPR software that can fill in gaps in your privacy program. Choose from the data mapping software for an automated solution to understanding your data collection and sharing, conduct privacy risk assessments with DPIA software, or choose the cookie consent manager for ePrivacy.

Click here to contact us (return messages within 24 hours) or call 1-888-252-5653 to schedule a demo and speak to a member of the Clarip team.

Privacy Causes Pentagon to Ban Staff Geolocation Usage

Contact

888-252-5653

About

Consumers

Businesses