Trending Topics

Overlooked social media risk for law enforcement: Strava

Learn how social media fitness apps like Strava can expose law enforcement officers’ locations, compromising their safety and privacy

Sponsored by
navigation map screen

If you’re using a GPS-enabled watch to track your runs, rides or hikes, be aware that the manufacturer’s site may also be publishing your activity location for all to see.

Photo/Getty Images

How does your agency measure up when it comes to wellness? Lexipol’s Wellness solutions help agencies deliver anonymous, 24/7 support, enhance peer support team readiness, and build a culture of wellness. Contact Lexipol at 844-312-9500 to learn more or request a demo.


Social media has made connecting, sharing and engaging with people easier and faster than ever. If you’re in law enforcement, you know social media has also made it easier for others — including anti-police activists and members of the public — to gather details about you, your home and your family members.

A French newspaper’s recent investigation into a popular fitness app helps illustrate how seemingly innocuous data can pose a security threat to you and the people you love.

The dangers of oversharing

It should come as no surprise that social media can be risky to law enforcement officers. Public online platforms allow individuals to share a vast amount of information about their lives, often without realizing how much can be pieced together by those with malicious intent. This information can include personal details, family connections and even real-time location data — all of which can be exploited by individuals who wish to harm officers.

As Gwendolyn Waters notes in an article in the FBI Law Enforcement Bulletin, “Because of social media, law enforcement officers are public figures more so than ever before. Barriers between their professional and personal lives have been diminished. Police may have no expectations that their homes and families will be protected from the dangers they face on the job.”

Imagine, for example, an adversarial traffic stop. You argue with the driver, then go back to your vehicle to write a moving violation. Armed with your last name and agency, the driver searches for information about your home address and family connections. If you’re someone who over-shares on social media, you may return with the ticket only to receive vaguely threatening comments from the driver. “You’ve got a really nice house,” the driver tells you, showing you photos from your own social media posts on his mobile phone. “And your kids sure look cute in their Halloween costumes.”

Nothing about the exchange would be illegal, but it would have a profound impact on your peace of mind.

There are numerous cases in which law enforcement officers have been physically targeted or harassed after being identified online. As noted by the AP, after the widespread protests of 2020, “Multiple high-ranking police officials in a number of cities, including Washington, Atlanta, Boston and New York have had their personal information shared on social media, including their home addresses, email addresses and phone numbers.” In another case, militants from the extremist group Antifa tweeted out the personal information of 1,600 Immigration and Customs Enforcement (ICE) employees, including border patrol officers.

The psychological impact of this type of targeting can be severe, adding stress and anxiety to an already high-pressure profession.

Broadcasting your location

The term “doxxing” refers to publicly and maliciously revealing private or identifying information about a person without consent. The goal of doxxing is often to intimidate, harass or harm someone by exposing them to unwanted attention, stalking or potential danger.

Doxxing is a risk to law enforcement officers and their families. But what happens when the person doing the doxxing is you?

Strava is a social media fitness app that enables users to track their physical activities — such as running, cycling and hiking — using GPS data. The platform allows people to record physical activities, monitor performance metrics and share their progress with a global community, who can view and comment on these activities.

A recent article about U.S. Secret Service agents calls attention to yet another way police officers may expose their home or work locations, potentially opening themselves up to harassment … or worse. The French newspaper Le Monde found Secret Service agents were using Strava to track and share their workouts. In one case, an agent on Joe Biden’s protective detail went for a run just hours before the president arrived at a San Francisco hotel ahead of a meeting with Chinese President Xi Jinping. Since the agent’s activity clearly showed the hotel as the agent’s starting and ending location, and since the agency was publicly identified as part of the president’s detail, the agent unwittingly exposed the location where the president would be staying for this highly sensitive meeting.

Le Monde found similar data that helped identify the whereabouts of Kamala Harris as well as Donald and Melania Trump. In all, the paper was able to collect GPS location data for “26 U.S. agents, 12 members of the French GSPR, the Security Group of the Presidency of the Republic, and six members of the Russian FSO, or Federal Protection Service….”

In another concerning incident, CNN reported that Stanislav Rzhitsky, a Russian military officer who was murdered in 2023, may have been tracked by his assassin through his Strava account.

Making Strava safer

Obviously, if Secret Service agents and a Russian submarine commander can inadvertently expose their locations via Strava, law enforcement personnel can do the same thing. If you use the app to track your runs, rides or other activities, what do your maps tell others about where you live? Chances are: A lot.

The easy answer is to stop using Strava altogether. This may sound extreme, but it may be the best choice if you’re concerned about your privacy and safety.

But Strava is popular for a reason. It allows you to share your workouts and other athletic accomplishments with your friends on the platform. The kudos you receive feel great, and the comments can really boost your motivation to continue achieving. So, if you’re still determined to use the app, here are some ways to make the experience more secure:

  • Privacy settings: On your Profile page in the app, select the cog-wheel button to bring up your profile settings. You can use the Privacy Controls to make several changes to what information is visible to other users:
    • Where You Appear: Use this feature to limit visibility of your Profile Page, Activities, Group Activities, Flybys, Local Legends and Mentions. At the very least, set them all to Followers.
    • Map Visibility: Use this setting to hide the start and end points of activities that happen at a specific address (such as your home). You may opt to hide start and end points regardless of where they happen, or to hide activity maps altogether.
    • Public Photos on Routes: It’s safer to uncheck the box allowing Strava to share your photos with the community.
    • Personal Information Sharing: Select Do Not Share My Personal Information and activate the toggle. Turning this feature on prevents Strava from sharing your activity data with other entities or individuals.
    • Edit Past Activities: Use this feature to bulk-edit multiple activities at one time. If you’ve been sharing activities publicly by default, use this tool make them private.
  • Edit activity: Each activity has settings that can be edited. Select an activity and then Edit Activity. Find the activity’s Privacy Controls and select whether you want the activity visible to Everyone (not recommended), just Followers, or Only You. You can also choose to hide certain aspects of an activity, such as Start Time.
  • Edit map visibility: If you want to hide the location of a specific activity — for example, if you run on vacation and don’t want anyone to know where you are — find the activity in Strava, click the “three dots” menu and choose Edit Map Visibility. Use the sliders to hide a certain amount of the first and last segments of your map (up to a mile), or you can click Hide Entire Map.
  • Followers: It’s a good rule to only accept follow requests from people you know and trust. If you get a follow request from someone you don’t know, or if you’re not sure whether a profile asking to follow you is legitimate, it’s best to reject the request.

If you’ve been using Strava for some time, it’s a good idea to do a Follower audit. Log in to Strava on a computer browser (not in the app) and click the Followers link on your profile page. This displays a list of all the people who currently follow your activities. If you see someone you don’t recognize (or don’t trust), click the cog-wheel button next to their name and select Remove Follower. (Don’t worry — they won’t get a notification that you’ve done this.) You can also choose Block Athlete if you want to make your profile completely invisible to that person on Strava.

A privacy mindset

Also, if you’re using a GPS-enabled watch to track your runs, rides or hikes, be aware that the manufacturer’s site may also be publishing your activity location for all to see. For example, Garmin users should tweak their privacy settings on connect.garmin.com to make sure their location information isn’t being inadvertently exposed.

While social media offers valuable opportunities for communication and connection, it also exposes law enforcement officers to unique risks. The answer lies in balance — remaining mindful of your online presence while recognizing the potential for unintended harm.

If you’re a law enforcement leader, consider offering regular training to your employees on social media use and implementing policies that protect officers’ personal information. By taking these steps, law enforcement can reduce the dangers posed by social media and focus on the primary mission: serving and protecting the community.

David Baker is senior manager of content marketing at Lexipol. Besides writing and editing content for the Cordico and Lexipol blogs, he is an avid road racer and trail runner. David completed six marathons and seven half marathons in 2022, including the Boston Marathon and New York City Marathon. He also holds the Guinness World Record for the fastest half marathon in “highland dress” (kilt, dress sporran, and formal Prince Charlie jacket). He lives, trains and works in southern Utah. David is the proud father of a police officer son.