Strava changes API usage policy

It’s big news this week: Strava is changing its API terms, shutting off a number of widely used apps.

I, for example, use VeloViewer or Statshunters.com to spice up my routes by riding roads I haven’t been on before. Sometimes, I also analyze my training data in intervals.icu when I want to train for the occasional race, and there’s much more:

Wandrer.earth to literally check all new roads, ActivityFix to automagically edit Strava activities based on – for example – connected sensors, and I’ve barely even scratched the surface of stuff you can could do with your Strava data.

For the whole story about this policy change, I would like to refer to the article by the always sharp DC Rainmaker, as it’s actually more concise and complete as an information source than Strava themselves.

After you’re done there, let’s cut to:

My €0,02

I think Strava has handled it rather clumsily, but my first impression is things aren’t as bad as they look.I base this on two statements:

DCRainmaker:

The problem here is that Strava’s API terms are so broad and wonky now, that the API no longer serves a purpose, as stated by the above paragraph.

Strava in response to DCRainmaker:

“These changes were implemented to provide additional safeguards around our community’s data and to help ensure that a user’s Strava data can only be viewed by others on third-party apps in limited scenarios where sharing is both transparent and central to the functionality of the app. We recognize this is a change and are committed to working closely with partners during this transition.”

Privacy

So, they (say they) are all about protecting user privacy. This could of course be a big power move, but it could also actually be that Strava themselves are in a squeeze; after all, they make consumer data available via an API. Even if a consumer gives explicit permission for this, it may not be legal to do so everywhere, and under all circumstances: The problem is that, on average, a consumer has little understanding of how data streams work and will quickly click “ok fine”, which was perfectly proven to us by good old Kyle:


Strava handles a lot of location and health related data. This is to some extent more sensitive than what Facebook knows about you, and it’s easier to access as soon as you have clicked “Allow Access” somewhere.

Power Move

The way I currently see it, this change can only be considered a “Power move” if Strava actually plans to integrate functionality similar to that of intervals.icu, VeloViewer etcetera into their own paid solution. It’s possible that this is part of the motivation, in which case I’m going to be Dutch & direct and doubt the competencies of the commercial department.

Why, you ask? Well, it would make a lot more sense to:

  1. Monetize the API, for example by making free users pay for API access per 3rd party app (which is easy to explain; making a high performing API available to the public is far from free).
  2. Set up a usage agreement with all these 3rd parties. This is an investment, and makes sure 3rd parties don’t get access to more API data then they actually need. Wandrer, for example, has no business checking health related data, and Intervals.icu has no business sniffing around location data.
  3. For apps that are really interesting to integrate into the platform, the next step would then be to use the newly acquired budget to do a buy-out of that specific app.

Powerless?

Well, whatever reasons Strava may have, I still don’t agree with the way they handled this, and this is not the first time they make changes that cause significant disadvantages to their user base.

But we (you, me, and all the other Strava athletes) are not just on the suffering end here. We may be able to do collectively do something about it, or at least take what’s rightfully ours.

After all, the data that Strava has is not owned by Strava: At least under EU law, that data is ours! We can decide we want a summary and we can even decide to take it back.

Under the link Strava: Delete Your Account you can not only delete your account, but also download your complete Strava archive. To do that, click on Download Request (optional) at Step 2. on Request your archive (don’t click anything at Step 3 because then you’ll really delete the whole thing).

Now if Strava suddenly gets a lot of these requests, maybe that’ll slap some proverbial sense into them…?