Not every app -- but I feel like different apps demand different techniques, and tend to descend the gradient from most-intrusive to least in terms of permissions. That said, I'm not a privacy freak; I have no personal qualms about approving location services for a lot of apps. Go nuts, I don't care.
For instance, mapping or Waze needs your current GPS coordinate at all times. This doesn't bother me because I'm being tracked myriad other ways, even if I don't give permission -- cameras in every gas station and store, license-plate-reading cameras on police cars and traffic lights, StarLink in my Subaru, the SSID technique described in OP blog, credit card transactions at the pump, GPS coordinates from a passenger who did grant permissions (and we happen to be Instagram friends, so we're forever connected), an AirTag hidden in my gas tank, on and on and on.
It might seem like overreach for a paranoid person to need to grant location services to Papa Johns to order pizza, but that app may have legitimate reasons: expedited discovery of the nearest brick-and-mortar, realtime delivery tracking, order-abuse prevention or prediction (why are you placing orders repeatedly to locations all over the country, even if they're prepaid?), unwanted, craven marketing, backend revenue streams selling your data to Satan, etc.
Other types of apps, like Nextdoor or Tinder, don't actually need your exact location. They need to know generally where you are, but having precise coordinates isn't in the best interest of the user (see recent Feeld disaster where exact locations were prominently displayed on profiles [0]). On top of that, Nextdoor revolves around the neighborhood you live in; if you're traveling, it shouldn't update the feed based on your current location, nor let you join neighborhoods you're visiting in a transient manner just because of a GPS coordinate.
Then, consider that native-OS permissions popups are obtuse at best; many people simply want to have some tactile understanding of their choices.
My 70 year old father could understand if an app asks "Hey, generally where are you located? I'll send you coupons" and he can reply "XYZ, State" once, and that's the end of that. A boilerplate permissions modal that doesn't explain the difference between precise and approximate location, while simultaneously not visually showing what "approximate" even means (is it a loose radius centered on your precise location? how loose exactly? or is it a tile on a fixed grid? is it the entire city? etc) to him is no different than just constantly polling GPS+SSID in the background. "THEY know where I'm at!"
What I'm really getting at is most app permissions have terrible UX/UI, and operate opaquely.
It is not at all clear what you're sharing and with whom, and they tend to have three options: 0%, 1% and 100% (no access, access to one photo at a time when you choose, or access to every photo on your device; no location, give your location once and never be able to view what you submitted or update it, or precise location at all times, etc).
What if I only want to receive a specific segment of a brand's communications? (ex. let me know about upcoming events, but I'm not interested in new merch). Any bozo can implement that for an app that's willing to actively categorize their communications, but most have no interest in taking on the responsibility.
It's just a shame that users and user experience are rarely considered when designing most apps and websites. Corners are cut by design, liability is aggressively and intentionally limited from the top down, and decisions are made for structural and financial reasons at the expense of the humans wasting their time or money using any given app, when it could be so much better (with less effort!)
For instance, mapping or Waze needs your current GPS coordinate at all times. This doesn't bother me because I'm being tracked myriad other ways, even if I don't give permission -- cameras in every gas station and store, license-plate-reading cameras on police cars and traffic lights, StarLink in my Subaru, the SSID technique described in OP blog, credit card transactions at the pump, GPS coordinates from a passenger who did grant permissions (and we happen to be Instagram friends, so we're forever connected), an AirTag hidden in my gas tank, on and on and on.
It might seem like overreach for a paranoid person to need to grant location services to Papa Johns to order pizza, but that app may have legitimate reasons: expedited discovery of the nearest brick-and-mortar, realtime delivery tracking, order-abuse prevention or prediction (why are you placing orders repeatedly to locations all over the country, even if they're prepaid?), unwanted, craven marketing, backend revenue streams selling your data to Satan, etc.
Other types of apps, like Nextdoor or Tinder, don't actually need your exact location. They need to know generally where you are, but having precise coordinates isn't in the best interest of the user (see recent Feeld disaster where exact locations were prominently displayed on profiles [0]). On top of that, Nextdoor revolves around the neighborhood you live in; if you're traveling, it shouldn't update the feed based on your current location, nor let you join neighborhoods you're visiting in a transient manner just because of a GPS coordinate.
Then, consider that native-OS permissions popups are obtuse at best; many people simply want to have some tactile understanding of their choices.
My 70 year old father could understand if an app asks "Hey, generally where are you located? I'll send you coupons" and he can reply "XYZ, State" once, and that's the end of that. A boilerplate permissions modal that doesn't explain the difference between precise and approximate location, while simultaneously not visually showing what "approximate" even means (is it a loose radius centered on your precise location? how loose exactly? or is it a tile on a fixed grid? is it the entire city? etc) to him is no different than just constantly polling GPS+SSID in the background. "THEY know where I'm at!"
What I'm really getting at is most app permissions have terrible UX/UI, and operate opaquely.
It is not at all clear what you're sharing and with whom, and they tend to have three options: 0%, 1% and 100% (no access, access to one photo at a time when you choose, or access to every photo on your device; no location, give your location once and never be able to view what you submitted or update it, or precise location at all times, etc).
What if I only want to receive a specific segment of a brand's communications? (ex. let me know about upcoming events, but I'm not interested in new merch). Any bozo can implement that for an app that's willing to actively categorize their communications, but most have no interest in taking on the responsibility.
It's just a shame that users and user experience are rarely considered when designing most apps and websites. Corners are cut by design, liability is aggressively and intentionally limited from the top down, and decisions are made for structural and financial reasons at the expense of the humans wasting their time or money using any given app, when it could be so much better (with less effort!)
[0] https://mashable.com/article/feeld-app-down