It’s Thursday night. You’re sitting on the couch binge watching Grey’s Anatomy while thinking about what you can do to make sure you won’t be late to work tomorrow (for the fifth time this week).

Thinking that traffic might be the culprit, you decide to download the Waze app. Maybe its traffic data will give you the edge you need. You fire up the app and are hit with a barrier. Waze needs permission to access your location. What do you do?

Allow all the time? Allow only while using the app? Allow once? Don’t allow?! 😬

They’ll of course recommend the Always Allow option, because then they can personalize your experience in ways like figuring out your home and work addresses, where you usually go on what days and times, and give you reminders you didn’t know you needed–like what time to leave to get to work on time.

But do you ever wonder what else the app maker might do with your location information? Is it saved on their servers? Is it identifiable back to you, personally? Does it get shared with any third parties? Does it ever get deleted? Would they have to delete it if you asked them to?

If you’re concerned about your privacy, and consider your 24/7 whereabouts private information, you may want to consider these things before tapping that Allow button, and handing it over.

In order for consumers to consent to location sharing on iPhone and Android apps, they must trust the companies tracking their every move. But can they?

As privacy-minded application developers ourselves, we at Camber Creative believe it’s important that apps give an unambiguous primer to the user before ever asking for permissions in the first place. Apps should clearly state:

• why the app is asking for location permissions,
• what the user will (or will not) be able to do with the app based on this permission, and
• how location data is going to be handled by the app

If users aren’t becoming less trusting of how app makers are treating their information, perhaps they should be. Here are some of the good and bad aspects of the location permission in particular.

How your location data can be used for great benefit:

• your favorite weather app can send you weather alerts for your current location without you opening the app
• the family and friends who you want to know your location can verify that you (or at least your phone) are safely not in a ditch somewhere with social location sharing apps
• you can get a notification when you’re near a restaurant a friend recommended to you, like with the app we build with our client, To Eat List
• you can figure out where you parked after a long day “around the world” at Disney’s Epcot theme park (have you seen the size of those parking structures?)
• you can satiate your Chick-fil-A addiction by finding the nearest location along your route on a ten-hour road trip

‍

How your location data might be abused:

• Apps might ask for your location even when the benefit to you is questionable
• Apps might inadequately inform you–or worse, deliberately deceive you–about their location data use policies
• Employer-provided apps might track how much time you spend away from your workstation
• Apps might share your location information with third parties
• Apps might leave you powerless to retake control of your location history, should you decide to stop sharing it

There’s a fine line between use and abuse of data when it comes to location permissions on apps that many of us consent to using on a daily basis.

Advice for app makers (including our clients):

1. Don’t ask for permissions that don’t have clear and obvious benefit to the user.
2. Prime the user before you ask for permissions.
3. When possible, only ask for permissions as close to the relevant point in the user flow of your app as possible (just-in-time permissions).

Advice for app users:

1. Don’t automatically click “Allow.” Think critically about why each app might be asking for your location before allowing it, especially if the permission prompt provided by the app is vague or confusing. Ask yourself what part of your experience with the app might be better if the app knows exactly where you are, and make a value judgement. Is it worth exploring further whether you trust this app with your location information? If not, decline the permission request, and carry on! Many apps can still provide tremendous value without knowing your exact location.
2. Carefully consider which location permission to authorize. Location permissions in apps have gotten better in recent years by including more options as standard. Even when you’re pretty sure it’s worth it to give the app access to your location, perhaps the “Allow Once” or “Allow While Using the App” permission is enough for you to get the value you need out of it. Don’t jump to the “Always Allow” option just because it’s convenient or prominently placed. Try “Allow Once” the first time, and see if it’s worth it. That way, you’re hedging your bet by limiting your location history to one data point instead of opting in to 24/7 tracking.
3. Read the privacy policy. This one is almost as painful to write as it is to do in practice. But only do it if you’re seriously considering opting in to the “Always Allow” option. This is the best way to gauge how seriously the app maker takes your private information. Even if you don’t read the whole policy, scan or search the page for the word “location” and read the relevant sections. Do they cover how they use this information? Whether they store it and for how long? Whether they share it with third parties? Anonymously? You can quickly get a sense how deeply the app cares about your privacy by how clear they are about these points. If the policy is vague, confusing, or worse, simply doesn’t mention it, maybe skip the location permissions on this one.