curiosity: can non-strava users (i.e., the general public) access what an individual is doing on strava?

have a few buddies who have indoor trainer setups all tied together with strava and zwift, and i'm an admitted luddite when it comes to all of that. they told me to hop along and do the training sessions with 'em, so i'm starting to poke around to learn.

how does strava track if you're out in real life, i.e., on the road? do you have to have a gps-enabled bike computer like a garmin, etc.?

how does strava interact with zwift?

if you're out on the road and tied in to strava, could your whereabouts be tracked by less scrupulous folks?

Potentially, yes. You can change privacy settings on your profile, on activities, and on your start/stop location.

Profile
You can set up your strava account to be public (can be viewed by anyone) or private (can only be viewed by your strava friends).
Link: https://support.strava.com/hc/en-us/articles/115000164850-Profile-Page-Privacy-Controls

Activity
You can set your strava settings so that your activities can be viewed by the anyone, friends-only, or only by you.
Link: https://support.strava.com/hc/en-us/articles/216919377-Activity-Privacy-Controls

Location
You can also set up a "privacy zone" so that your uploaded routes do not start and stop right from your doorstep.
Link: https://support.strava.com/hc/en-us/articles/115000173384-Privacy-Zones

Depending on how you have your preferences set, your data can be visible.

For instance, I think I still have a free Strava account. I have never uploaded anything to it. I got it to scout popular cycling routes for cities I was visiting to find the best cycling-friendly roads. I didn't care about segments or KOMs or anything else, but that information was there. I just didn't dig that deep.

Keep your data locked down within the platform to those users you want to see it, and then your biggest dangers are platform hacks or Strava selling your data. Don't create segments that start at your house. That sort of stuff.

I understand in this COVID era people want to stay connected. Just be aware of the relative dangers of the platforms you're using. Nothing is free.

^^ thanks Alaska Mike. I think I joined Strava ages ago (when it first came out) so as to learn new routes in an area I had moved to, and bought a Garmin 800 from an ex-pro who used to be an anonymous member of this forum. Can't recall if I still have the account, but I'll have to check.

No joke, the 800 is still in the box, never used. Learned routes the old fashioned way...wrote 'em on an index card and then memorized 'em. :p

Anyone wanna trade a Garmin 800 for a 6 pack of beer?

The 800 has an option to automatically upload your rides to Strava :banana::banana:

when I got my garmin 830, I worked on it for a while to get it to upload to strava automatically. It was horribly unreliable and most times I would end up hooking it to the computer. Now it uploads automatically and I don't understand how.

After the internet started accusing random guys on strava of crimes over the last couple of days, I have started wondering if it makes sense to have this stuff public.

Bingo.

Hence my inquiry.


After the internet started accusing random guys on strava of crimes over the last couple of days, I have started wondering if it makes sense to have this stuff public.

Strava is pretty private if you want it to be.

As stated,
1. You can have a privacy perimeter around any area you choose. Your home for example.
2. You can upload privately, so no one can see it unless you choose.
You can set it so any upload is automatically private, and you can edit the privacy later if you want others to see it.
3. You can have activities private, followers only, or everyone
4.You choose the type of activity (indoor ride, for example)
5. you can manually upload a workout, with no gps activity.

Strava has a very long and not very great history with user privacy.

Even today its kind of a mess.

The thing is if you make everything private there's not much point to it, is there...

SPP

It's giving you a lot of information about your workouts. Even for free, you're getting detailed workout journals to track your training.

The thing is if you make everything private there's not much point to it, is there...

SPP

when I got my garmin 830, I worked on it for a while to get it to upload to strava automatically. It was horribly unreliable and most times I would end up hooking it to the computer. Now it uploads automatically and I don't understand how.

After the internet started accusing random guys on strava of crimes over the last couple of days, I have started wondering if it makes sense to have this stuff public.

^^^ This ;)

Many years ago I was a Sys Admin & realized the majority of folks may not be computer/techy minded about settings etc etc

Same for Strava & GPS tracking devices

Yes maybe Strava can be private if privacy options are set correctly but maybe many users might miss something in setup options on the Garmin etc etc

At the end of the day your either on or off the grid. If On then no guarantees of privacy.

What you can do is set up a Strava under some non-descriptive name & set to private & that is as good as it will get but...Many Strava users are real Type A personalities & want to be "known" :)

It's giving you a lot of information about your workouts. Even for free, you're getting detailed workout journals to track your training.

Actually Golden Cheetah (https://www.goldencheetah.org/) gives much more & is free

Strava has a very long and not very great history with user privacy.
Did they ever do anything after that NYT article that called them out? More settings maybe, but the default seems to be wide open to everybody

Funny sidenote: was on a ride a year or so ago with a buddy who's religious about training: strava, zwift, powermeters, nutrition, data analysis after rides, you name it. We were riding along and he asked me what kind of computer and analytics I was using, and as we were hammering along I shouted (while in the wind, pulling) "the brain!" He shouted back, "Huh? Who makes tha.....ahh, you a$$#ole!"

:banana:

There you go.
If you want to us GC to upload head unit or strava data and keep track of training, sounds good. all free too, can't beat that

Actually Golden Cheetah (https://www.goldencheetah.org/) gives much more & is free

How many people decrying strava’s privacy policies have google, facebook, twitter and countless other apps on their phones that are using their location data?

If you want to participate in modern life, privacy is essentially dead. This is hardly a problem specific to strava and I feel I derive far more utility from it than plenty of other things which are far more intrusive, if somewhat less accessible to the average internet sleuth.

Who is using a throwaway email address, vpn and tor to access this forum?

To be more clear - Is it more rational to worry about being the target of an internet mob based on your strava data or to worry about being denied credit and insurance by an algorithm based on your internet browsing history? The former is the equivalent to being struck by internet lightning, the latter is essentially the business model for countless data brokers.

That said, I absolutely would encourage people to be selective with their privacy settings on strava, for perfectly valid reasons such as not wanting people to see where you live. I use relatively restrictive settings and adjust based on where I am and what I am doing.

I don't understand why this is such a huge sticking point either.
Strava's privacy settings are very easy to access.

I have a feeling it's just an excuse to hate on strava, even though most are on it. Including this entire forum.

How many people decrying strava’s privacy policies have google, facebook, twitter and countless other apps on their phones that are using their location data?

If you want to participate in modern life, privacy is essentially dead. This is hardly a problem specific to strava and I feel I derive far more utility from it than plenty of other things which are far more intrusive, if somewhat less accessible to the average internet sleuth.

Who is using a throwaway email address, vpn and tor to access this forum?

How many people decrying strava’s privacy policies have google, facebook, twitter and countless other apps on their phones that are using their location data?

If you want to participate in modern life, privacy is essentially dead. This is hardly a problem specific to strava and I feel I derive far more utility from it than plenty of other things which are far more intrusive, if somewhat less accessible to the average internet sleuth.

Who is using a throwaway email address, vpn and tor to access this forum?

I am...I use a VPN to block Facebook, GOOGLE and Onion/DuckDuckGo for browser...if people want to talk to me I do tell them I don't have Facebook Messenger, here's my number call me!

It's about about how your private information is sold and shared without your knowledge or discretion that's important, if you don't care fine but others do...

Funny sidenote: was on a ride a year or so ago with a buddy who's religious about training: strava, zwift, powermeters, nutrition, data analysis after rides, you name it. We were riding along and he asked me what kind of computer and analytics I was using, and as we were hammering along I shouted (while in the wind, pulling) "the brain!" He shouted back, "Huh? Who makes tha.....ahh, you a$$#ole!"

:banana:

Lol...excellent! I just look at my watch as I was told by a coach many years ago don't use km's to train, use time...

I am...I use a VPN to block Facebook, GOOGLE and Onion/DuckDuckGo for browser...if people want to talk to me I do tell them I don't have Facebook Messenger, here's my number call me!

It's about about how your private information is sold and shared without your knowledge or discretion that's important, if you don't care fine but others do...

That’s sort of my point - make informed decisions and choose what is right for you.

at a track race (team pursuit) a gazillion years ago, our sole mantra was: don't get lapped. ditch the heart monitors, they won't matter.

will always have the image in my brain of glancing back under my armpit to see that all 3 (or 4, i forget the rule back then) of us were tight together as we crossed the line. as we did, the last guy projectile vomited his breakfast. the sound, the image...priceless.

moral of the story: sometimes you just gotta go. fast. ;)

Lol...excellent! I just look at my watch as I was told by a coach many years ago don't use km's to train, use time...

You think a vpn will secure your privacy?

I am...I use a VPN to block Facebook, GOOGLE and Onion/DuckDuckGo for browser...if people want to talk to me I do tell them I don't have Facebook Messenger, here's my number call me!

It's about about how your private information is sold and shared without your knowledge or discretion that's important, if you don't care fine but others do...

Strava has some pretty good privacy settings should you choose to use them.

The things you make public are like anything else you make public and subject to eyes other than yours.

Yeah I read recently that the privacy options are a lot better...for me it became a ritualistic burden every ride, like a bundy clock requiring a clock on/clock off for every ride...

Strava has some pretty good privacy settings should you choose to use them.

The things you make public are like anything else you make public and subject to eyes other than yours.

Except for the heat map.

Except for the heat map.

While this has allegedly been improved, the heatmaps do likely pose some privacy concerns. However, wouldn’t this be as hard or harder to ‘de-anonymize’ as any other mobile phone data?

I know you hate Strava, but you still carry a phone no?

https://www.nytimes.com/interactive/2019/12/19/opinion/location-tracking-cell-phone.html

Except for the heat map.


Private activities and activities within privacy zones aren’t included in the heat map. You can also opt out of heat map within the privacy settings.

maybe this already exists, but...is there a company out there that acts, or can act, as a repository of standardized info that the consumer controls and thus benefits from (income)?

picture the credit bureaus passing thru the income it receives from selling data around consumer behavior. that kind of general idea.

picture a system that required google to pay those consumers whose behavior tracking is its lifeblood...and a market evolution that requires it to pay for that privelege....hah!

(obviously, its analytics is its bread and butter....all of which we consumers gladly GIVE them for free.)

I am...I use a VPN to block Facebook, GOOGLE and Onion/DuckDuckGo for browser...if people want to talk to me I do tell them I don't have Facebook Messenger, here's my number call me!

It's about about how your private information is sold and shared without your knowledge or discretion that's important, if you don't care fine but others do...

Private activities and activities within privacy zones aren’t included in the heat map. You can also opt out of heat map within the privacy settings.

exactly.

How it Works

When you enable the toggle to 'Include my activities on Metro and Heatmap':
Anyone on the web:
Will see heat on the Heatmap to which you contributed.
No one:
Will see heat from activities that you’ve made 'Only You.'
Will see heat from portions of your activity that began or ended in your privacy zone.

When you disable the toggle to 'Include my activities on Metro and Heatmap':
No one:
Will see heat from activities you’ve uploaded, regardless of whether the activity is public/private.


-The heatmap is a snapshot of historical data and not updated in real time. The heatmap is updated monthly.
- Private activities and portions of activities in privacy zones are excluded from Strava Metro and the Heatmap automatically. Other athletes recording on Strava within an athlete’s Privacy Zone may create “heat” on the map through that zone.
-Athletes may opt out by updating their privacy settings. After opting out, an athlete’s contributions to the heatmap will be removed at the next monthly update.
-Roads and trails with very little activity will not show “heat” until several different athletes upload activities in that area.
-The heatmap is available to the public but only registered Strava athletes may zoom in to street-level details of activity on the heatmap.
-Strava does not track athletes without their knowledge.

You think a vpn will secure your privacy?

Well I'm no IT wiz and don't presume that everything I do would fully block my privacy but I see the reports on my system of what has been blocked from being shared...I personally believe abstaining from websites and apps that do share my data and give no added value to my life can also help.