Location data is uniquely sensitive because it reveals not just where you are but who you are. Your home address is where you sleep. Your employer is where you spend weekdays. Your doctor's office, your place of worship, your therapist, your immigration attorney, your AA meeting — all of these become visible in a movement record with enough density. A week of precise GPS pings can be more revealing than years of other data combined.
The location data broker ecosystem is distinct from general data brokers — it's specifically built around mobility data collected from devices in real time. The data flows look like this: an app on your phone requests location permission, grants access to an embedded SDK provided by a data broker, and that SDK harvests your coordinates silently in the background. The app developer gets paid. The broker packages billions of location pings from millions of devices and sells the resulting dataset.
The Companies Building Movement Profiles
Several companies have operated major location data businesses. Their corporate structures change frequently (acquisitions, rebranding, enforcement-driven pivots), so names matter less than understanding what the category does:
- X-Mode Social (now Outlogic): Embedded SDKs in hundreds of apps — including prayer apps and Muslim prayer time applications — to collect location data. Sold to military contractors, defense agencies, and commercial clients. The FTC reached a settlement with X-Mode in January 2024 requiring deletion of location data collected and prohibiting sale of location data that could be used to track visits to sensitive locations (medical facilities, religious sites, domestic violence shelters). It was the first FTC enforcement action of this type.
- Gravy Analytics and its subsidiary Venntel: The FTC filed a complaint in December 2024 alleging these companies collected and sold precise location data from millions of Americans without meaningful consent, including data revealing visits to medical facilities, places of worship, and government buildings. The proposed settlement required deletion of location data and restrictions on future collection.
- SafeGraph: Collected location data from opt-in SDK-embedded apps and sold aggregate movement patterns. Removed from Apple's App Store developer program in 2021. Pivoted toward anonymized aggregate data products.
- Near Intelligence: India-headquartered location data firm; filed for bankruptcy in 2024 amid regulatory scrutiny and financial difficulties.
Senator Ron Wyden's investigation, publicized in 2023–2024, documented that US agencies including CBP, ICE, the IRS Criminal Investigation Division, and the Defense Intelligence Agency purchased location data from commercial brokers. The rationale: commercial data purchases don't require warrants or court orders. Location data that would require a subpoena to obtain from an app company can be purchased on the open market.
How Apps Feed the Ecosystem
The mechanism is almost always an embedded SDK — a software library that app developers include in their app, often in exchange for monetization. The developer agreement grants the SDK access to whatever permissions the app has. If the app has "Always On" location permission for a navigation or weather feature, the SDK inherits that permission.
Many users grant location permission to apps they trust for a specific purpose — weather forecasts, turn-by-turn navigation — without understanding that the permission is simultaneously being used by third-party code to build a commercial location record. The privacy disclosure is technically present in the app's privacy policy, typically buried in terms of service that link to the broker's terms, which link to additional data sharing arrangements.
Consent in the location data ecosystem is legally present but practically absent. Disclosures are structured to satisfy regulatory requirements while minimizing actual user understanding. The consent model exists on paper. — FTC complaint, In the Matter of Gravy Analytics, December 2024
What Location Data Reveals Beyond "Where You Were"
The claim that location data is anonymized — because it lacks names or contact information — fails in practice. Research has consistently shown that a small number of location pings are sufficient to uniquely identify an individual. An individual who regularly visits a specific home address at night and a specific workplace during the day can be matched to public records (voter registration, property records, employer information) without any explicit identifier.
Aggregated location data from a population can reveal:
- Healthcare: Regular visits to oncology centers, addiction treatment facilities, abortion providers, or HIV clinics
- Legal status: Visits to immigration courts or legal aid offices
- Religion: Regular attendance at a mosque, church, synagogue, or other religious institution
- Politics: Attendance at protests, political fundraisers, or campaign offices
- Personal relationships: Who you meet, how often, and where
After the Supreme Court's Dobbs decision in 2022, Motherboard and other outlets reported that location data brokers were selling datasets that could identify visits to abortion clinics. Several states have enacted laws specific to reproductive health location data. The broader pattern — that location data can be used to infer and expose sensitive personal attributes — applies across all these categories.
The Regulatory Response (and Its Limits)
| Jurisdiction | Relevant law/action | What it does | Gaps |
|---|---|---|---|
| US federal | FTC enforcement (X-Mode, Gravy Analytics) | Retrospective enforcement against specific companies | No comprehensive federal privacy law; case-by-case |
| California (CPRA) | CPRA sensitive personal information rules | Precise geolocation is "sensitive" requiring opt-in for selling | California residents only; enforcement variable |
| EU (GDPR) | GDPR Article 6 lawful basis requirements | Requires legitimate interest or consent for location processing; consent must be freely given | Enforcement varies by member state; consent fatigue is real |
| Washington (My Health MY Data Act) | WA SB 5536 (2023) | Restricts collection and sharing of health data including location data revealing health-related visits | Washington residents; private right of action creates litigation costs for enforcement |
Practical Steps to Reduce Location Data Exposure
The most effective interventions target the collection point — apps on your phone — rather than trying to reclaim data after it's been shared:
- Audit location permissions aggressively. On iOS: Settings → Privacy & Security → Location Services. On Android: Settings → Privacy → Permission manager → Location. For each app, ask whether "Always" or "While Using" is necessary for the app's function. Default to "Ask Next Time" or "Never" unless there's a genuine reason.
- Revoke "Always On" for all apps except those where background location is the core feature (e.g., navigation apps). Weather apps, flashlight apps, games, and coupon apps have no legitimate need for background location access.
- On Android, disable "Use location" when not actively using it. Quick settings toggle is the fastest way to do this.
- Use a VPN or DNS-level tracker blocker. This doesn't stop GPS location sharing but does block many of the SDK callback domains that upload location data.
- Prefer apps from developers with minimal tracking. Apps with large SDK dependency trees — particularly those monetized through advertising — are more likely to include location-harvesting SDKs.
These measures reduce the flow of new data. They do not remove data already collected. Submitting deletion requests to data brokers (required under CCPA for California residents) is time-consuming but meaningful for some populations. Services like the data broker opt-out process we've documented elsewhere can help navigate that process.
The Connection to Encrypted Communication
End-to-end encrypted messaging protects the content of your communications. Location data from your device can reveal the context — that you met with a specific person at a specific time, at a specific location, before sending that encrypted message. Metadata and behavioral data can be as revealing as content, and location is among the most powerful metadata available.
For users with elevated threat models — journalists protecting sources, activists, people in sensitive professional roles — location data hygiene is as important as communication security. The communication channel being encrypted doesn't help if your physical meeting with a source is documented in a data broker database.