While it is possible that the data could still be compromised by a man-in-the-middle (MITM) attack, due to the relatively not-sensitive nature of the data there is no incentive for this attack to be performed. The largest impact of a MITM attack would be the user being presented with falsified data, which has potential flow-on effects, such as them being directed to a hostile website instead of a food truck's, but BCC does not provide any way of validating the data returned from its API, meaning that a MITM attack is almost impossible to detect, and thus impossible to protect against.