Defense bans fitness apps for soldiers after personal info leak

The Ministry of Defense temporarily made it impossible to install sports- and fitness apps on Defense phones, Defense Minister Ank Bijleveld told parliament on Sunday after it was revealed that personal data can easily be obtained from the Polar fitness app, ANP reports.

"Private data of military personnel, civilian staff and in particular intelligence services are out on the streets, at home and abroad", Bijleveld said. "The ministry repeatedly reminded staff of the specific vulnerability of such apps." 

According to Bijleveld, new technologies must be continually assessed for risks. "Information sharing is part of today's society. It must be prevented that this poses risks for soldiers, their families and ongoing operations. Awareness and peer review are essential to ensure that these risks are reduced."

On Friday De Correspondent and Bellingcat revealed that the personal data of Polar users was visible to everyone. According to the researchers, this involved, among other things, names, training locations and home addresses of soldiers and secret service employees. 

Around 208 sensitive locations and 6,460 people of 69 nationalities were identified. In a sample of a few hundred soldiers and secret service employees, 90 percent's identity and home address could be found in a matter of minutes. As example, the two organizations mention four Dutch soldiers who jog on a base in Iraq, American soldiers who jog in Guantanamo Bay and a Russian tracked jogging both at the Russian secret service's head office in Moscow and in Iraq, Pakistan and Afghanistan.

According to the researchers, apps like Runkeeper, Endomondo and Strava also have this same problem. With these apps retrieving personal data is more difficult, but still possible.