How To Prevent Someone From Tracking Your Location

Last updated: March 15, 2026

Your smartphone constantly broadcasts location data through multiple channels, GPS satellites, cellular towers, Wi-Fi networks, and Bluetooth beacons. Understanding these vectors enables effective countermeasures. This guide provides technical depth for developers and power users seeking location privacy.

Prerequisites

Before you begin, make sure you have the following ready:

A computer running macOS, Linux, or Windows
Terminal or command-line access
Administrator or sudo privileges (for system-level changes)
A stable internet connection for downloading tools

Step 1 - Location Tracking Vectors Explained

Modern smartphones expose location data through four primary mechanisms, each with distinct technical characteristics and mitigation strategies.

GPS (Global Positioning System)

GPS relies on signals from orbiting satellites. Your device calculates position by measuring time differences between signals received from multiple satellites. GPS provides accuracy within 5-10 meters under optimal conditions but requires clear sky visibility.

To verify GPS status on Android:

Check GPS provider status via ADB
adb shell settings get secure location_providers_allowed

Disable GPS entirely
adb shell settings put secure location_providers_allowed -gps

On iOS, GPS cannot be fully disabled without disabling Location Services entirely, which impacts legitimate app functionality.

Cellular Network Triangulation

Your phone connects to nearby cell towers, even without active calls. Carriers triangulate position using signal strength from multiple towers. This works indoors and operates continuously.

Technical mitigation involves using airplane mode or aircraft-style cell jamming (typically illegal). For legitimate protection, consider burner phones with minimal carrier association.

Wi-Fi Positioning System (WPS)

Google and Apple maintain databases mapping Wi-Fi router MAC addresses to geographic locations. Your phone scans for nearby networks and reports them to these services, even with Wi-Fi disabled, probe requests reveal network names.

On Android 10+, MAC randomization prevents permanent association:

// Verify MAC randomization is enabled
WifiManager wifiManager = (WifiManager) context.getSystemService(Context.WIFI_SERVICE);
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.Q) {
    Log.d("Privacy", "MAC randomization: " +
        wifiManager.isMacRandomizationSupported());
}

Bluetooth Low Energy (BLE) Beacons

Retail stores, airports, and smart cities deploy BLE beacons for location tracking. Your phone detects these beacons for indoor navigation and proximity marketing.

Step 2 - Systematic Countermeasure Implementation

Phase 1 - Permission Audit and Revocation

Review all apps with location permissions. Many request unnecessary access.

Android Implementation:

List apps with location permission
adb shell pm list permissions -d | grep -i location

Revoke specific app permission
adb shell pm revoke com.suspicious.app android.permission.ACCESS_FINE_LOCATION

iOS Implementation: Settings → Privacy & Security → Location Services Disable access for non-essential apps. Set to “While Using” instead of “Always” where possible.

Phase 2 - System Service Configuration

Both platforms include location-related services requiring attention.

Android System Services:

Google Location History: Disable at myactivity.google.com/controls
Location Services: Settings → Location → Location Services (toggle off Wi-Fi scanning, Bluetooth scanning)
Emergency Location Service: Cannot be disabled, this is intentional for 911 functionality

iOS System Services:

Significant Locations: Settings → Privacy & Security → Location Services → System Services → Significant Locations (disable)
Location-Based Apple Ads: Settings → Privacy & Security → Apple Advertising (disable Personalized Ads)
HomeKit: Disable Location for each accessory

Phase 3 - Network-Level Protection

Protecting location requires securing all network traffic.

VPN Configuration: Route all traffic through a VPN to prevent ISP-level location inference:

WireGuard configuration example
[Interface]
PrivateKey = <your-private-key>
Address = 10.0.0.2/32
DNS = 10.0.0.1

[Peer]
PublicKey = <server-public-key>
Endpoint = vpn.example.com:51820
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 25

DNS Configuration: Use privacy-resolving DNS to prevent location-based query leakage:

Quad9: 9.9.9.9
Cloudflare (with DNS-over-HTTPS): https://cloudflare-dns.com/dns-query

Configure via Network Settings → Private DNS on Android or DNS Settings on iOS.

Phase 4 - Advanced Mobile Configuration

Custom ROM Consideration: Installing privacy-focused ROMs like GrapheneOS or CalyxOS provides granular permission control unavailable in stock firmware. These ROMs include:

Per-app network permission toggle
Automatic permission revocation after app uninstall
Sandbox enforcement preventing cross-app data leakage

Network Stranding: When entering sensitive environments, enable airplane mode, but recognize limitations:

On Android, verify airplane mode disables all radios
GPS is hardware-based and may remain active
only truly disconnects with powered-off state

Technical Reality Check: Airplane mode on most devices does NOT disable GPS (which is receive-only). GPS itself transmits nothing. However, apps can still record GPS coordinates while airplane mode is active and transmit when reconnected.

Phase 5 - Monitoring and Detection

Verify your countermeasures with active testing.

Android:

Monitor location API calls (requires root)
adb logcat | grep -i "location"

Check which apps recently accessed location
adb shell dumpsys location

iOS: Settings → Privacy & Security → Location Services → Location Services indicator (shows purple arrow when location recently accessed)

Third-Party Verification:

Privacy Tester apps simulate tracking scenarios
Network analysis tools (Wireshark, Packet Capture) reveal location data transmission

Step 3 - Platform-Specific Recommendations

Android Users

Disable “Improve Location Accuracy” in Location settings (disables Wi-Fi scanning)
Set all apps to “Allow only while using” not “Allow all the time”
Use Firefox with Enhanced Tracking Protection for browsing
Disable Google Location Sharing in Google Maps settings
Consider disabling Chrome entirely (replaced with Brave or Firefox)

iOS Users

Enable “Precise Location” toggle OFF for each app individually
Disable “Share My Location” in Find My settings
Use “Custom Access” for Location (iOS 15+)
Disable “Analytics & Improvements” in Privacy settings
Consider “Lockdown Mode” for maximum protection

Physical Security Considerations

Digital countermeasures fail without physical device security:

PIN Complexity: Minimum 6-digit PIN (not 4-digit)
Biometric Limitations: Fingerprint/face unlock can be coerced; use PIN for sensitive situations
SIM Protection: Enable SIM PIN to prevent SIM-swapping attacks
Encrypted Storage: Full-disk encryption is default on modern devices but verify in settings
Secure Boot: Ensure your device verifies software integrity on each boot

Step 4 - Special Use Cases

Journalists and Activists: Standard countermeasures are insufficient. Consider:

Dedicated “burner” devices for sensitive communications
Air-gapped devices for data storage
Hardware security keys (YubiKey) for authentication
End-to-end encrypted communication (Signal)

Developers Building Location-Aware Apps: If your app requires location:

Request minimum accuracy necessary
Implement permission rationale before system prompt
Provide clear privacy policy
Consider on-device processing over server transmission

Troubleshooting

Configuration changes not taking effect

Restart the relevant service or application after making changes. Some settings require a full system reboot. Verify the configuration file path is correct and the syntax is valid.

Permission denied errors

Run the command with sudo for system-level operations, or check that your user account has the necessary permissions. On macOS, you may need to grant terminal access in System Settings > Privacy & Security.

Connection or network-related failures

Check your internet connection and firewall settings. If using a VPN, try disconnecting temporarily to isolate the issue. Verify that the target server or service is accessible from your network.

Frequently Asked Questions

How long does it take to prevent someone from tracking your location?

For a straightforward setup, expect 30 minutes to 2 hours depending on your familiarity with the tools involved. Complex configurations with custom requirements may take longer. Having your credentials and environment ready before starting saves significant time.

What are the most common mistakes to avoid?

The most frequent issues are skipping prerequisite steps, using outdated package versions, and not reading error messages carefully. Follow the steps in order, verify each one works before moving on, and check the official documentation if something behaves unexpectedly.

Do I need prior experience to follow this guide?

Basic familiarity with the relevant tools and command line is helpful but not strictly required. Each step is explained with context. If you get stuck, the official documentation for each tool covers fundamentals that may fill in knowledge gaps.

Is this approach secure enough for production?

The patterns shown here follow standard practices, but production deployments need additional hardening. Add rate limiting, input validation, proper secret management, and monitoring before going live. Consider a security review if your application handles sensitive user data.

Where can I get help if I run into issues?

Start with the official documentation for each tool mentioned. Stack Overflow and GitHub Issues are good next steps for specific error messages. Community forums and Discord servers for the relevant tools often have active members who can help with setup problems.