Why does the app require location permission for wifi signal when other apps don't?

One less obvious thing about apps showing wifi networks in the neighbourhood is that the list of the networks is unique for the given area and can be used to determine user's location. There are online databases with a huge number of access points and their locations created by apps which have access to GPS. Apps which only have access to the surrounding wifi networks and no direct access to GPS or location can then use these databases to get coordinates of users with about 50m precision. For instance, one of such databases is here:


This means that any app that is able to show surrounding wifi networks may know your location.

Until Android 6 basically any app could get the device's location without user's permission this way. In Android 6 Google tried to address this issue (in not a very good way unfortunately as explained later) by letting users know that apps with surrounding wifi network access also know the user's location. Apps that target Android 6 and later need to have the location permission to get access to the wifi network list. See the documentation of the corresponding Android call here


and the Android 6 release notes


which both state the permission is required now. Without the permission the function doesn't return anything and the app cannot show the wifi network list.

Unfortunately, for backwards compatibility with old applications Google still permits calling the getScanResults() function by apps which target Android 5.1 SDK and earlier without the location permission - and these apps work on Android 6 and later devices too. So apps such as  Wifi Analyzer still target an old Android SDK not to annoy users and possible malicious apps still have access to user's location without their permission...

Network Analyzer needs some network-related features which were introduced in Android 6 so it has to target Android 6 SDK or later which means the location permission is required for it (even though the app itself doesn't use the location at all in this case).

I understand the reason why Google requires the permission and I think it's a good thing to do so users know when apps have access to their location, even indirectly. The problem is that that right now any app can workaround it by targeting Android 5.1 SDK or lower which makes this feature completely useless from a privacy point of view. For reference, I've created the following bug report suggesting mandatory location permission requirement for all apps so hopefully it gets fixed by Google one day:


Still need help? Contact Us Contact Us