Fitness app Strava is tightening third-party access to user data

AI, while having potential, “must be handled responsibly and with a firm focus on user control,” and third-party developers may not take “such a deliberate approach,” Strava wrote. And the firm expects the API changes will “affect only a small fraction (less than 0.1 percent) of the applications on the Strava platform” and that “the overwhelming majority of existing use cases are still allowed,” including coaching platforms “focused on providing feedback to users.”

Ars has contacted Strava and will update this post if we receive a response.

DC Rainmaker’s post about Strava’s changes points out that while the simplest workaround for apps would be to take fitness data directly from users, that’s not how fitness devices work. Other than “a Garmin or other big-name device with a proper and well-documented” API, most devices default to Strava as a way to get training data to other apps, wrote Ray Maker, the blogger behind the DC Rainmaker alias.

Beyond day-to-day fitness data, Strava’s API agreement now states more precisely that an app cannot process a user’s Strava data “in an aggregated or de-identified manner” for the purposes of “analytics, analyses, customer insights generation,” or similar uses. Maker writes that the training apps he contacted had been “completely broadsided” by the API shift, having been given 30 days’ notice to change their apps.

Strava notes in a post on its forum in the Developers & API section that, per its guidelines, “posts requesting or attempting to have Strava revert business decisions will not be permitted.”

https://arstechnica.com/gadgets/2024/11/fitness-app-strava-is-tightening-third-party-access-to-user-data/