[raxxorrax]

Sadly yes. It is probably a software component problem that bluetooth is bundled with location services, but without the separation from GPS, I have serious concerns about privacy, even if I think that I only use well behaved apps.

[Phemist]

Bluetooth and location services being bundled is a policy decision by Google. If one has a database filled with historical correlations between bluetooth devices "in range" and GPS coordinates, it is possible to get a pretty accurate fix on someone's location from the current devices that are in range. This is the reason why Google has bundled Bluetooth and GPS in one permission.

Of course, the very fact that these permissions are bundled is the reason why it's feasible to keep such databases up-to-date, and why up-to-date databases provide a continuously stronger case why Bluetooth should be considered a type of location permission..

It would be totally possible to separate location permissions between "passive" location (e.g. triangulation through received GPS coordinates), and "active" location, e.g. inference of location through indirect measures and correlations with historical databases.

Afaik it's now a system-wide setting to disallow said correlations, but offering app developers more fine-grained control would be better for all of us. Why does, for example, my Sony Bluetooth headset need my location just for updating some firmware..

[fomine3]

It's practical and also Apple does, but it's confusing for most users. I wish both platform explaining why it's bundled on the screen. Maybe create a permission only able to connect specific OUI would be a solution?