If a user wants to connect a third party app to Strava to access THEIR DATA, they should be allowed to and it’s their responsibility to read the other website terms of service and privacy.
You can download a data export and upload it to whatever service you wish. You're not necessarily entitled to make Strava do that data sharing for you, though.
It's still a pretty shitty move from Strava's side. I wonder what AI model they're training (or other companies were training) with the data now no longer easily accessible through the API.
Nonsense. The user did intervene: with an OAuth 2 flow. The user doesn't intervene with every API call or database query a data export makes.
What you're really getting at is "the user can't authorize someone else to look at their data". That's like a hospital saying your spouse can't get an update on your condition in the emergency room because you didn't hand the documents to them yourself.
It's certainly well within their right to change this rule and cut off API access, but I suspect a lot of people are going to tell them to go screw themselves.
> "Strava closes the gates to sharing fitness data with other apps"
This doesn't seem to be the case, with the quote they cite:
Effective November 11, the updated API agreement introduces three key changes that provide Strava users with greater control, security, and a consistent experience:
Stronger Privacy Standards: Third-party apps may now only display a user’s Strava activity data to that specific user. Users will continue to have access to their personal Strava data across apps connected to our platform, though there may be differences in how this data appears.
Data Use Limitations: Our terms now explicitly prohibit third parties from using any data obtained via Strava’s API in artificial intelligence models or similar applications.
Protecting the Strava Experience: Additional terms have been added to protect Strava’s unique look and feel and functionality, helping users easily distinguish between Strava and third-party platforms.
The restrictions seem to be:- You can only show that user's data to that user.
- You can't use user's data to train AI models.
So it seems that you can still share your data to other platforms.
Or am I missing something?
#1: “Third-party apps are no longer able to display your Strava activity data on their surfaces to other users.”
#2: “We’re updating our terms to explicitly prohibit third parties from using any data obtained via Strava’s API in artificial intelligence models or other similar applications.”
#3: “You may not process or disclose Strava Data…for the purposes of, including but not limited to, analytics, analyses…”
I interpret that to mean: anything that uses AI in conjunction with Strava data (including wrapping a frontier GPT)
But I guess we would need a lawyer to look at the full text to be sure how a court would read it.
> We believe in the potential of AI to transform the athlete experience–whether it’s delivering more personalized insights to help you reach your goals, generating route or training recommendations, or countless other possibilities. But innovation in this space must be handled responsibly and with a firm focus on user control. As part of our generative AI features, we are committed to implementing thoughtful solutions that prioritize user control and the ability to opt out.
> Third-party developers may not take such a deliberate approach to training AI models and as a result, we believe the best decision for the platform and for users is to prohibit the use of data extracted from Strava users in this manner.
Translation: 'We want to consume your data for AI and we don't want anyone else to consume your data with AI. AI for me, not for thee. We own you and your data.'
Obviously they're totally enlightened and don't fit into that secondary category, as judged by themselves, and thus they deserve an exception to the policy. It's just all their potential competitors who might act unethically. Trust them, they know what's best for you and are only harming you because they care for you.
I would be worried about the continued preservation of my data in the hands of someone who abuses it and uses such archetypical abuser tropes to justify their abuse.