> Sometimes the scopes of permissions are surprising. For example. scanning for Bluetooth devices on Android requires the location permission. Why? Bluetooth beacons can be used to precisely locate a device.
I am indeed surprised by that. I would have expected the location permission to just control whether or not the app can use the system's location APIs or access GPS (if the system provides low level access to the GPS that doesn't require going through the location APIs).
Having it control access to something that is not specifically a location service but that might sometimes be usable to obtain information that can be used to figure out location does not seem wise to me, because all kinds of things that you might not expect to provide such information do. For example internet access can provide location information indirectly via IP geolocation.
If they try to stop all of that through the location permission then a bazillion apps that the user does not think of as having anything to do with location would have to require location permission, and users would learn that if an app asks for that they have to give it to them.
Bluetooth is specifically used to track location in many places. If you've ever been to a Disney property for example, there are beacons throughout the park for exactly that purpose. As you'd expect, the Disney apps request the fine localization permission and there's fine print somewhere on their website about how you should disable Bluetooth if you don't want to be tracked.
For me, the annoying part of Disney doing this isn't that they do it, it's that they do it and and their ride wait times still aren't accurate. They have a ton of data measuring people moving past specific points in lines in real time, so what are they even doing with it?
> Having it control access to something that is not specifically a location service but that might sometimes be usable to obtain information that can be used to figure out location does not seem wise to me, because all kinds of things that you might not expect to provide such information do. For example internet access can provide location information indirectly via IP geolocation.
Using Bluetooth beacons you can get the location of a user accurate to a couple of meters, possibly granular enough to identify the individual. Continuous tracking can track your movements with the same scale. IP geolocation will at best be a radius of multiple kilometers. There's a big difference between "I know where you're standing at this second" and "I can guess what part of the country you're in".
I am indeed surprised by that. I would have expected the location permission to just control whether or not the app can use the system's location APIs or access GPS (if the system provides low level access to the GPS that doesn't require going through the location APIs).
Having it control access to something that is not specifically a location service but that might sometimes be usable to obtain information that can be used to figure out location does not seem wise to me, because all kinds of things that you might not expect to provide such information do. For example internet access can provide location information indirectly via IP geolocation.
If they try to stop all of that through the location permission then a bazillion apps that the user does not think of as having anything to do with location would have to require location permission, and users would learn that if an app asks for that they have to give it to them.