[sofixa]

> This is a fairly broad problem across the whole phone app world, isn't it? For example, I bought an iOS app for LAN analysis, but then deleted it when it turned out it wouldn't work unless you gave it access to your physical location (I assume that was for their data marketing side business).

I don't know how iOS works, but on Android location data permissions are requested for anything involving networking (including Bluetooth, WiFi). Why? Because access to those could be used to estimate where the user is physically located, so gating it behind the location permission is a good way to ensure nobody exploits that. It's not necessarily obvious when you're presented with the permission screen though.

[magic_hamster]

If it's really a case of gating permissions, I still don't like it.

I used a few apps that utilize Bluetooth without asking for location, even when they aren't the obvious use case (like headphones), although admittedly it's been a while since then.

Afair, I don't recall the Mimo app asking me to turn on wifi for the stabilizer. But maybe yes and I just turned it off after connecting to the device. The operation of the stabilizer is through Bluetooth.

[squeaky-clean]

For the majority of smartphone's existence no permission was necessary, probably because no one ever considered it. Then it was learned stores, for example Target, were using their mobile app to broadcast Bluetooth signals in order to track shoppers movement around the store. So around 2019 Android added it to the general location permission to use Bluetooth for anything other than audio transmission to/from a paired device if device pairing is handled by the OS, hidden from the app.

In late 2021 Android changed it to a separate "ACCESS_FINE_LOCATION" permission, while Apple still keeps it under the general bluetooth permission (while the popup mentions it can be used to track your location).

[autoexec]

> So around 2019 Android added it to the general location permission to use Bluetooth for anything other than audio transmission to/from a paired device if device pairing is handled by the OS, hidden from the app.

Stores don't need your permission or even their own app to be installed on your phone in order to use bluetooth to track people as they move around their stores. If you have bluetooth enabled on your device at all it can be used to track you.

The store just needs to place inexpensive low powered beacons around their store and they will record and log every device that passes within range.

[sofixa]

I think the person you're responding to is misremembering the scandal. It was that Facebook, Google and similar (iirc it was mostly Facebook, Google were doing this with WiFi networks they had built an index of through Street View) would use Bluetooth on your phone to scan for nearby devices, and match them against known other devices and their location, thus deducing who you meet and where.

They even have a patent for that exact thing: https://www.wired.co.uk/article/facebook-phone-tracking-pate...

[squeaky-clean]

No. It was the Target app and it associated it to your Target Circle account.

https://techcrunch.com/2017/09/20/target-rolls-out-bluetooth...

[squeaky-clean]

But if they want to match it to your Target Circle account they need you to be using the app. Also iOS uses BLE address randomization to make tracking a specific individual more difficult. Having your app blast out a known ID bypasses this

https://techcrunch.com/2017/09/20/target-rolls-out-bluetooth...