What the Commercial Drone Industry can learn from Strava

What the Commercial Drone Industry can learn from Strava

I spent much of the day yesterday reading about the implications of what Strava has done by releasing their heatmap of location data into the wild. If you’re unfamiliar with the controversy, Strava, a company that aggregates the location data of folks using their phones and “wearables” like FitBit, released a worldwide heat map of where folks are running, walking and jogging. As you might imagine, folks like the Pentagon have a number of places throughout the world where they don’t want public records of people walking, jogging, or running. Especially the number of people that might be walking, jogging, or running.

This is a huge Operational Security (OpSec) fail. Foreign adversaries can see the concentration and repeated movement of American operatives throughout the world– all through an innocuous little piece of consumer hardware that got a little bit chatty. I can imagine that there are some folks having a considerably worse Monday morning than me right now.

Location data can be extremely sensitive if you can correlate a few other data points with it. For example, the number of folks walking in New York City isn’t likely to change the world, but  companies like FourSquare have detailed databases of locations in New York City. Now correlate that to the time series data and you can derive insights like: Foot traffic to Chipotle is down 30% and so are sales. Front running the stock market isn’t necessarily a threat to national security, but it’s a pretty good start.

There are a lot of parallels with the commercial drone industry on this particular problem. Through nefarious means, you’re able to get access to someone’s drone data. You see that they survey their site twice a week at the same time. Now you have the opportunity to do “Bad Thing X” at the most opportune time: right after a survey with the maximum amount of time to cover up your dastardly deed or make a clean getaway.

It also means that data aggregators need to use exceptionally sound judgement about deriving insights from the data they collect. The de-anonymized nature of their data was particularly worrying. For example, someone was able to deduce which houses were owned by folks that used the app.

The narrative sounds eerily familiar: Enterprises and Government all start using a widely available consumer product with a very consumer-driven backend. Data trickles into the could and comes spilling back out as a Tsunami of insight. And this wasn’t even a breach, this was data they were entitled to give away.

We think a lot about this at Kittyhawk. When you use the wrong tool for the job, you often end up with subpar results. We’re working hard every day to build a product for the enterprise customer looking to use the right tool for the right job.

Joshua Ziering

Joshua is the Co-Founder and Chief Pilot of venture-backed Kittyhawk and a founding member of the Unmanned Aviation Safety Team. Josh is an FAA Part 107 certificate holder and has been flying all manner unmanned aircraft for 15 years. He has piloted everything from a 15 foot Taco Bell Chalupa Blimp to 40 pound 150cc aerobatic aircraft. As an accomplished flyer, Josh has flown professionally for the NHL, ABC Television and various manned-aviation airshows. Josh is a self-taught programmer and entrepreneur. After studying Poetry at Arizona State University, he started and sold several successful businesses. Josh writes regularly for DroneBlog, Drones360, Unmanned Aerial, sUAS News and is oft quoted in publications such as Aviation Today, CNN, Fast Company, Reuters, Rotor & Wing International, sUAS News and Vice. Josh eagerly shares his love of aviation and often-polarizing opinions on where it’s headed at industry conferences including Drone World Expo, Georgia Drone Summit, Public Safety Drone Expo and Xponential.