Does Your Running App Know Too Much?

A French Navy officer went for a jog. Nothing unusual about that, except he ran 7.23 kilometers on the flight deck of the Charles de Gaulle, France’s only nuclear aircraft carrier. And he logged it on Strava.

The carrier’s transponder was switched off. The ship’s location was classified. But “Arthur” (as Le Monde later identified him) had a public Strava profile. Journalists grabbed his GPS data and pinpointed the carrier northwest of Cyprus, roughly 100 kilometers from the Turkish coast. One run. One app. One public profile. That’s all it took to expose a warship that entire intelligence agencies were trying to track.

This wasn’t a one-off, either. Le Monde’s ongoing investigation has traced patrol routes of French nuclear submarines, mapped movements of Israeli military personnel, and identified security team patterns around world leaders. All from fitness app data that people voluntarily uploaded.

Running app privacy might sound like a niche concern. But if a morning jog can compromise a nuclear aircraft carrier, it’s worth asking what yours is giving away.

If It Can Expose an Aircraft Carrier, What’s It Exposing About You?

Think about your last few runs. If you use Strava, Nike Run Club, or any GPS-based running app, there’s a good chance your data tells a story you didn’t mean to share.

Your morning route probably starts and ends at your front door. Your evening runs reveal when you’re home (and when you’re not). Your weekend long runs show which parks you visit, which neighborhoods you pass through, which coffee shop you stop at. Run the same loop enough times and anyone with access to your profile can build a disturbingly accurate picture of your daily life.

This isn’t hypothetical. Back in 2018, Strava’s global heatmap accidentally revealed the locations of secret military bases in Afghanistan, Iraq, and Syria. Soldiers had been logging workouts in places where nobody was supposed to be working out. The heatmap lit up like a bullseye.

Eight years later, the same fundamental problem persists. The apps got better. The default privacy settings didn’t.

What Your Running App Actually Shares

Most runners don’t dig into their app’s privacy settings. You download it, create an account, start running. But the defaults on popular apps tend to lean toward sharing, not privacy.

Here’s what’s typically visible (or collectible) depending on your app and settings:

Your exact GPS route. Not just “ran 5K in the park” but every turn, every stop, every street. Strava and similar apps record GPS coordinates multiple times per second.

Your home and work locations. If you consistently start runs from the same two spots, you’ve basically handed over your home and office addresses. Strava does offer a “hidden start/end” feature, but it only masks a small radius (up to 1 mile), and researchers have shown it can sometimes be reverse-engineered.

Your schedule. Run every Tuesday and Thursday at 6:30 AM? That’s pattern data. Someone watching your public profile knows exactly when you’re out of the house and roughly how long you’ll be gone.

Your fitness data. Heart rate, pace, cadence, elevation. Individually harmless. But aggregated over time, this data paints an intimate picture of your physical health.

Your social connections. Group runs, segment leaderboards, kudos, comments. These reveal who you spend time with and where.

The Privacy Settings You Should Check Right Now

If you’re not ready to ditch social fitness apps entirely, you can at least tighten things up. Here’s a quick audit for the most popular platforms.

Strava

Go to Settings > Privacy Controls. Set your profile to “Followers Only” or “Only You.” Enable the Map Visibility feature (this hides your start and end points). Set the hidden area to the maximum radius. And review your past activities, because changing settings now doesn’t retroactively hide old runs.

Nike Run Club

Nike Run Club shares less by default than Strava, but it still collects your location data. Check your sharing settings and be thoughtful about what you post to social media directly from the app.

Apple Watch / Health App

Apple’s approach is genuinely better here. Workout data stays on your device and in iCloud (encrypted). But the moment you sync to a third-party app, those protections don’t follow your data.

Google Fit / Fitbit

Google’s privacy record is… well, it’s Google. Review your Google Account privacy settings and specifically check which third-party apps have access to your fitness data.

For a broader look at how these apps compare on features and privacy, check out our breakdown of the best running apps in 2026.

The Real Cost of “Social” Fitness

Social features are what make apps like Strava sticky. Kudos, segment leaderboards, club challenges. They turn solitary running into a community experience. And for a lot of runners, that motivation is genuinely valuable.

But there’s a trade-off most people never consciously make. You’re exchanging personal location data for social validation. Every “nice run!” comment comes at the cost of someone (and the platform itself) knowing exactly where you were, when you were there, and how fast you were moving.

Running itself is one of the most private activities you can do. Just you, your shoes, your thoughts. There’s real irony in broadcasting every step to the internet. Science shows that running transforms your brain in profound ways (here’s what actually happens). That mental clarity shouldn’t come with a side of surveillance.

Some runners have decided the trade-off isn’t worth it. They’ve switched to apps that track everything locally without requiring accounts or social profiles. Vima Run, for example, keeps all your data on your device, doesn’t have social features that broadcast your location, and doesn’t share your data with anyone. You still get GPS tracking, pace, distance, and stats. You just don’t get the leaderboard. For a lot of runners, that’s a feature, not a bug.

Beyond Running: The Bigger Privacy Picture

Fitness apps are just one piece of the location-tracking puzzle. Your phone itself is constantly logging where you are. But running apps are uniquely revealing because they capture routes, not just points. They show not just that you were at the park, but which path you took, how long you stopped at the bench, and which direction you headed home.

The Electronic Frontier Foundation has been raising alarms about location data for years. And the problem keeps compounding. Data brokers buy and sell location information. Breaches expose it. Law enforcement requests it. Once your GPS data leaves your device, you’ve lost control of where it ends up.

So the question isn’t really whether your running app knows too much. It does. The question is whether you’re okay with that, and whether you’ve made that choice deliberately or just never thought about it.

Five Things You Can Do Today

1. Audit your privacy settings. Open every fitness app on your phone. Check who can see your activities. Set everything to the most restrictive option you’re comfortable with.
2. Hide your start and end points. If your app offers this feature, turn it on. Set the radius as large as possible.
3. Review old activities. Past runs with public GPS data are still out there. Delete or restrict anything you’re not comfortable sharing.
4. Think before syncing. Every time you connect a new app or service to your fitness data, you’re expanding who has access. Ask yourself if the integration is worth it.
5. Consider going local. If you don’t need social features, use an app that keeps your data on your device. It’s the simplest way to eliminate the risk entirely.

A French officer’s morning jog exposed a nuclear aircraft carrier. Your morning jog probably won’t make international headlines. But it’s still telling a story about you. Make sure you’re the one who decides who gets to read it.

---

FAQ

Can someone actually find my home address from my running data?

Yes. If your runs consistently start and end at the same location and your profile is public, it’s straightforward to identify your home address. Even Strava’s “hide start/end” feature only masks a limited radius, which determined observers can sometimes work around.

Is Strava safe to use?

Strava isn’t inherently unsafe, but its default settings lean toward sharing. If you use it, take time to lock down your privacy controls: set your profile to private, enable map visibility hiding, and review who can see your activities. The app is fine. The defaults just aren’t great.

Do fitness apps sell my location data?

Most major fitness apps say they don’t sell raw GPS data directly. But many share aggregated or anonymized data with partners, and “anonymized” location data has been repeatedly shown to be re-identifiable. Read the privacy policy carefully, particularly the sections about third-party sharing.

What’s the safest way to track my runs?

The safest option is an app that stores data locally on your device without requiring an account or cloud sync. This eliminates the risk of data breaches, unauthorized access, or third-party sharing entirely. You can still get accurate GPS tracking, pace, and distance without any of the exposure.

Should I delete my Strava account?

That’s a personal call. If the social features genuinely help your training, keep it but tighten your settings aggressively. If you mostly run solo and don’t engage with the community features, switching to a privacy-first alternative gives you the same tracking with none of the exposure.