One day, Priya was on her way to a birthday party at a friend’s house, and she didn’t want anyone to know her location; so, she turned off her phone’s location services, thinking she had done something very smart.
The next morning, Google Photos automatically tagged a photo from the party with the restaurant’s name and address.
She hadn’t shared anything. Hadn’t checked in. Hadn’t even connected to the restaurant’s Wi-Fi. And yet her phone knew exactly where she’d been.
This isn’t a glitch. It isn’t a conspiracy theory. It’s just how modern smartphones work — and most people have no idea.
The GPS Off Button Is Not What You Think It Is
Here’s the thing nobody tells you when you tap that location toggle. Turning off GPS doesn’t turn off location tracking. It turns off one method of location tracking — the satellite-based one. Your phone has at least four other ways to figure out where you are, and most of them don’t need your permission to run.
Turning off location services limits apps and system features from accessing GPS data. But it doesn’t disable Wi-Fi, Bluetooth, or cell tower connections. Your device can still be located approximately — even with GPS off. AndroidGuys
Think of it like turning off the lights in a room but leaving the windows, the TV, and the hallway lamp on. You’ve reduced the brightness. The room isn’t dark.
Method 1: Cell Tower Triangulation — Always On
Right now, your phone is connected to at least one cell tower. Probably three. It has to be — that’s how calls and mobile data work. And those towers are noting your presence whether you like it or not.
By triangulating signal strength between multiple cell towers, your phone’s approximate location can be determined. This method doesn’t require GPS or Wi-Fi and happens passively — your phone can be tracked without you being actively involved.
It’s not precise. Cell tower triangulation puts you somewhere within a few hundred metres to a few kilometres depending on tower density. In a city like Mumbai or Delhi where towers are dense, that radius shrinks significantly. In a rural area it’s wider. But “approximate” and “private” are very different things.
Cell phone providers are required by law to track your phone’s location for emergency services — even if you’ve turned off location services on your device, your phone is still communicating with nearby cell towers. Your provider can pinpoint your location in the event of an emergency — and this historic location data is being recorded in call detail records.
Your carrier knows everywhere you’ve been. Not approximately. Every tower you’ve connected to, timestamped, stored.
Method 2: Wi-Fi Positioning — Even Without Connecting
This is the one that surprises people most. Your phone doesn’t need to be connected to a Wi-Fi network to use it for location tracking. It just needs to see it.
If your phone is connected to Wi-Fi or Bluetooth, Google can tap into nearby Wi-Fi access points and Bluetooth beacons to get a general idea of where you are.
Every Wi-Fi router has a unique identifier — a MAC address — and its physical location has been mapped by companies like Google over years of Street View cars and crowdsourced data collection. When your phone’s Wi-Fi chip scans for networks (which it does constantly, even when you’re not connecting to anything), it sees these identifiers and matches them against that map.
Rajesh was at a hospital visiting a family member. He hadn’t turned on location, hadn’t connected to anything. Two days later, he started seeing ads for health insurance and pharmaceutical products. He hadn’t Googled anything health-related. His phone had simply noticed the Wi-Fi networks around him — networks that had been mapped to that specific hospital — and that context had quietly filtered into his ad profile.
Uncomfortable? Yes. Illegal? In most countries, no.
Method 3: Bluetooth Beacons — The Invisible Trackers in Every Mall
Walk into any large mall, supermarket, or airport in 2026 and there are Bluetooth beacons hidden throughout the space. Small devices, often the size of a coin, transmitting signals to every phone that walks past.
Many stores use Bluetooth beacons to detect your phone as you pass by, helping them analyse customer traffic. Crowdsourced finding networks like Apple’s Find My network allow devices to anonymously report the location of other nearby devices.
Stores use this data to understand which sections you spent time in, which displays you walked past without stopping, and how long you browsed. They correlate this with purchase data. They sell aggregated versions of it to advertisers.
You didn’t share your location. You walked into a building with your Bluetooth on.
Method 4: Sensor Data — The One That’s Almost Science Fiction
This is the tracking method that even technically-minded people don’t know about. And it’s genuinely unsettling.
Princeton researchers developed a technique called PinMe that tracks location even if location services, GPS, and Wi-Fi are all turned off. Data used includes the phone’s time zone and information from sensors like air pressure. When mixed with public information like maps, a device’s location can be estimated without location services. Since these data sources don’t require user permission and only collect small amounts of data, the method is virtually undetectable.
Your phone’s barometer measures air pressure — which changes with altitude and geography. The accelerometer tracks movement patterns — whether you’re walking, on a train, in a car. The gyroscope tracks orientation changes consistent with specific routes. Combined with publicly available maps and transit data, a detailed movement profile can be assembled from sensors you never knew were being read.
No GPS. No Wi-Fi. No Bluetooth. Just the background sensors your phone uses for “fitness tracking” — and a clever enough algorithm on the other end.
Method 5: Your IP Address — Coarser But Constant
Every time your phone connects to the internet — any app, any browser, any background service — it broadcasts an IP address. That IP address is assigned by your internet provider and corresponds to a geographic area.
It’s not precise — IP location typically puts you in the right city or neighbourhood, not your exact street. But combined with the other methods? It fills in gaps. And every website you visit, every app that makes a network request, every ad network loading in the background of an app you’re using — all of them log that IP address, every time.
The Real-World Consequences
Ananya was going through a difficult divorce. She’d turned off location on her phone specifically because she didn’t want her movements tracked. She visited a lawyer’s office three times in one week.
Her phone had connected to the building’s public Wi-Fi network — named something generic, like “FreeWifi_BuildingLobby.” That network’s MAC address was mapped to that building. Her phone had also connected to the cell tower nearest the office. None of it showed up in her location history — because location was off. But her carrier had the tower connections. And her Google account had the Wi-Fi network associations. And her browsing later that evening surfaced targeted ads for divorce attorneys.
The data was never “private.” It was just distributed across systems she couldn’t see.
What You Can Actually Do
None of this requires paranoia. Just awareness — and a few specific settings.
Turn off Wi-Fi scanning when not in use. On Android: Settings → Location → Wi-Fi scanning → Off. This stops your phone scanning for networks even when Wi-Fi is off. On iPhone, this is partially handled by disabling Location Services for System Services → Wi-Fi Networking.
Turn off Bluetooth when you’re not using it. Not just disconnecting devices — actually off. Bluetooth scanning is how beacons find you.
Audit app location permissions seriously. Check the permissions for all apps and switch them to “only while using the app” at minimum — or deny location entirely for apps that have no obvious reason to need it. A torch app doesn’t need your location. A shopping app doesn’t need it always-on.
Use a VPN when on public networks. A VPN masks your IP address when you’re outside your home, adding one more layer of friction for location inference based on network data. Not foolproof — but meaningful.
Turn off Location History in your Google account. This is separate from the location toggle on your phone. Google Account → Data & Privacy → Location History → Turn off. This stops Google building a permanent timeline of everywhere you’ve been.
The Bottom Line
Turning off GPS is a start. It’s not a solution.
Even with GPS turned off, 70% of mobile apps still collect location data through alternative methods. Cell towers, Wi-Fi signals, Bluetooth beacons, sensor data, IP addresses — your phone is a location device whether or not you’ve given it permission to be one. The permission toggle controls one layer of a system with five layers.
That doesn’t mean privacy is impossible. It means privacy requires more than one tap. Know what’s running. Audit your permissions. Turn off the things you’re not using. And stop assuming that because you turned something off, it stopped.
Your phone is very good at knowing where you are. It’s been practicing for years.
Frequently Asked Questions
Q1: Does Airplane Mode stop all location tracking? Almost — but not entirely. Airplane Mode disables cellular, Wi-Fi, and Bluetooth, cutting off the main tracking methods. However, GPS satellites are passive receivers and can still function in Airplane Mode on most phones. Your phone’s sensors also keep running. And your carrier retains your last known location from before you enabled Airplane Mode. For genuine privacy, Airplane Mode plus powering off is the closest you’ll get.
Q2: Can apps track me through photos? Yes. Photos taken on your phone contain EXIF data — metadata embedded in the image file that includes GPS coordinates of where the photo was taken, timestamp, and device information. When you upload a photo to social media or share it in a messaging app, that metadata travels with it unless the platform strips it (most do) or you do it manually. Photos taken with location off still contain other identifying metadata even without GPS coordinates.
Q3: Is this legal? In most countries, yes — within limits. Cell tower data collection by carriers is legally mandated for emergency services. Wi-Fi positioning and Bluetooth scanning are covered in app terms of service most people don’t read. India’s DPDPA 2023 is beginning to address some of these practices, and the EU’s GDPR provides stronger protections for European users. But globally, most of what’s described in this article operates in a legal grey zone that regulators are still catching up to.
Q4: Does a factory reset clear location history? It clears data stored on the device. It doesn’t clear location history stored in your Google, Apple, or carrier accounts — that lives on servers you don’t control. A factory reset without also clearing your cloud account’s location history just moves the data off your phone while leaving it intact elsewhere.