The National Security Agency has issued a document about how to mitigate security issues that may arise through use of “location services” and how to mitigate those risks.
Mobile devices determine location through any combination of Global Positioning System (GPS) and wireless signals (e.g., cellular, wireless (Wi-Fi®), or Bluetooth® (BT)). Location data can be extremely valuable and must be protected. It can reveal details about the number of users in a location, user and supply movements, daily routines (user and organizational), and can expose otherwise unknown associations between users and locations.
Key point: Turning off location services does not turn off GPS, and does not significantly reduce the risk of location exposure.
Also, location services is not synonymous with GPS. Even with GPS and cellular data unavailable, a mobile device can calculate location and apps and websites can use sensor data without requesting permission from the user.
And it’s not just your smartphone or tablet. This applies to fitness trackers, smart watches, smart medical devices and other smart and IoT devices as well.
The mitigation measures given by NSA would likely turn your mobile device into a useless brick, so they are unlikely to help the average user much. Still they are worth a read and some can be used by everyone. However, if you want to be sure, leave the device at home! Keep this in mind when an app promises anonymity or data privacy
The full document: