Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Privacy

Pentagon Restricts Use of Fitness Trackers, Other Devices

WASHINGTON (AP) — Military troops and other defense personnel at sensitive bases or certain high-risk warzone areas won’t be allowed to use fitness-tracker or cellphone applications that can reveal their location, according to a new Pentagon order.

WASHINGTON (AP) — Military troops and other defense personnel at sensitive bases or certain high-risk warzone areas won’t be allowed to use fitness-tracker or cellphone applications that can reveal their location, according to a new Pentagon order.

The memo, obtained by The Associated Press, stops short of banning the fitness trackers or other electronic devices, which are often linked to cellphone applications or smart watches and can provide the users’ GPS and exercise details to social media. It says the applications on personal or government-issued devices present a “significant risk” to military personnel, so those capabilities must be turned off in certain operational areas.

Under the new order, military leaders will be able to determine whether troops under their command can use the GPS function on their devices, based on the security threat in that area or on that base.

“These geolocation capabilities can expose personal information, locations, routines, and numbers of DOD personnel, and potentially create unintended security consequences and increased risk to the joint force and mission,” the memo said.

Defense personnel who aren’t in sensitive areas will be able to use the GPS applications if the commanders conclude they don’t present a risk. For example, troops exercising at major military bases around the country, such at Fort Hood in Texas or Norfolk Naval Station in Virginia, would likely be able to use the location software on their phones or fitness devices. Troops on missions in more sensitive locations, such as Syria, Iraq, Afghanistan or parts of Africa, meanwhile, would be restricted from using the devices or be required to turn off any location function.

Army Col. Rob Manning, a Pentagon spokesman, said it’s a move to ensure the enemy can’t easily target U.S. forces.

“It goes back to making sure that we’re not giving the enemy an unfair advantage and we’re not showcasing the exact locations of our troops worldwide,” Manning said.

Concerns about exercise trackers and other electronic devices came to a head in January in the wake of revelations that an interactive, online map was pinpointing troop locations, bases and other sensitive areas around the world.

Advertisement. Scroll to continue reading.

The Global Heat Map, published by the GPS tracking company Strava, used satellite information to map the locations of subscribers to Strava’s fitness service. At the time, the map showed activity from 2015 through September 2017. And while heavily populated areas were well lit, warzones such as Iraq and Syria show scattered pockets of activity that could denote military or government personnel using fitness trackers as they move around.

The Pentagon immediately launched a review, noting that the electronic signals could potentially disclose the location of troops who are in secret or classified locations or on small forward operating bases in hostile areas.

This is the second memo affecting the use of cellphones and other electronic devices that the department has released in recent months. In May, defense officials laid out new restrictions for the use of cellphones and other mobile wireless devices inside the Pentagon.

That memo called for stricter adherence to long-held practices that require phones be left in storage containers outside secure areas where sensitive matters are discussed. But it also stopped short of banning the devices, and instead made clear that cellphones can still be used in common areas and other offices in the Pentagon if classified information is not present.

The latest memo says the new restrictions include GPS functions on fitness trackers, phones, tablets, smartwatches and other applications.

The Pentagon also said it will provide additional cybersecurity training to include the risks posed by the trackers and other mobile devices.

Heather Pierce, a spokeswoman for Fitbit, said Monday: “Fitbit is committed to protecting consumer privacy and keeping data safe. Unlike a smartphone, location data is not collected by Fitbit unless a user gives us access to the data, and users can always remove our access.”

Related: Many GPS Tracking Services Expose User Location, Other Data

Related: Exercise Tracking App Reveals Details of Military Sites

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Privacy

Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...

Privacy

Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

Application Security

Open banking can be described as a perfect storm for cybersecurity. At one end, small startups with financial acumen but little or no security...

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Government

The proposed UK Online Safety Bill is the enactment of two long held government desires: the removal of harmful internet content, and visibility into...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.