Defense Department bans geolocation features on tech devices due to security risk
The policy comes after reports some devices conveyed GPS coordinates.
The Department of Defense is prohibiting personnel from using geolocation features on their devices while serving in certain locations after concerns that the information transmitted from such devices was jeopardizing the security of American forces around the world, including those deployed in classified or sensitive areas.
The new policy, which is effective immediately, follows reports from earlier this year that some wearable electronic devices, like the popular Fitbit, can convey users' GPS coordinates in the form of publicly available online maps that display the most frequently trafficked routes of users who allowed their location to be shared.
"The rapidly evolving market of devices, applications, and services with geolocation capabilities presents a significant risk to the Department of Defense personnel on and off duty, and to our military operations globally," the department said in a statement on Monday. "These geolocation capabilities can expose personal information, locations, routines, and numbers of Department personnel, and potentially create unintended security consequences and increased risk to the joint force and mission."
In January, a 20-year old Australian student named Nathan Ruser was exploring the online maps from Strava's Global Heatmap when he found the location of U.S. troops inside Syria.
"The biggest concerns with the data is firstly it allows an unprecedented look at the geographic build of a lot of these bases," Ruser told ABC News in January. "You can see the supply lines, you can see the patrol routes in some cases, and you can see the infrastructure within the bases. But more than that, one of the most important and disturbing elements of the map is that it’s possible to establish an understanding of how the base works."
Journalists quickly started using the Global Heatmap to identify what they believed to be the locations of other U.S. personnel, including a suspected CIA base near Mogadishu, Somalia, and U.S. troops operating in the Sahel region of Africa.
At the time, the Pentagon insisted that the classified or sensitive locations of U.S. service members had not been compromised by the data. But Defense Secretary James Mattis immediately ordered a review of the Pentagon's policies to see if there needed to be additional guidance or a new policy altogether.
The ban, announced on Monday, prohibits Department of Defense personnel "from using geolocation features and functionality on government and non-government-issued devices, applications, and services while in locations designated as operational areas."
Operational areas mostly consist of sensitive overseas locations where U.S. personnel are deployed.
Applicable devices include fitness trackers, smartphones, tablets, smartwatches, and related software applications, according to a copy of the policy memo sent from Deputy Secretary of Defense Patrick Shanahan to top DoD leadership last week. Shanahan's memo also gave the military's combatant commanders guidance on how to seek authorization for the use of geolocation features should they deem it necessary.
Notably, the policy's language allows service members to continue tracking their workouts on a device like a Fitbit, as long as the geolocation feature is turned off.
Pentagon spokesperson Col. Rob Manning told reporters on Monday that the new policy ensures "we're not giving the enemy an unfair advantage," while at the same time "keeping pace with technology."
"It's a necessary evolution," he added.
Those who violate the ban on geolocation features will be dealt with on a case by case basis depending on the severity of the infraction, Manning said.