There is no such thing as a “very respectable” VPN service, unless you are paying for it. See—>Don't use VPN services. · GitHub
And even if you are paying to use it there is no guarantee that they aren’t either using or selling your information.
Websites cannot access the phone’s location data unless you allow them to. Any site that requests your location will result in a dialog that asks if you agree. That doesn’t prevent the site from using the geographical info associated with your IP address as it would for any device with a web browser.
And your carrier tracks your location all the time; it needs to do this so when someone calls you they know where your phone is. But carriers also sell this information, and provide it to law enforcement when requested. This has nothing to do with iPhones, it’s true for any cell phone.
The information contained in a web reply is very limited; it includes your screen size, IP address, browser type and version, stuff it needs to format the content correctly. It doesn’t include any information from your settings. However, there are services that can use this information to identify who you are, information contained in huge databases that anyone can pay to view.
Apple protects you from tracking via crowd-sourced Wi-Fi networks; it’s a little known feature. When a Wi-Fi network “sees” your phone the phone sends a fake Wi-Fi address to the site, which changes randomly. It only sends the real address if you connect to the site. Which is a good reason to never use public Wi-Fi networks. However, the iPhone does respond to Bluetooth iBeacons if you install any retailer apps that have this enabled. The idea is when you enter a store the merchant can identify you if you have done business with them in the past.
But while we are discussing tracking, here are some notes I have compiled:
- Your carrier knows the location of your phone all the time, even if you turn off location services, because it can triangulate from the towers that receive your phone’s periodic “I’m here” ping. They are required by law to do this to support E911. They upload this information to databases where your location and whereabouts are known to law enforcement and any business that cares to know where you are.
- License plate scanners are ubiquitous, in police vehicles and repo trucks. And also along limited access highways, toll roads, bridges and tunnels. And every time your plate is scanned it goes into a location database.
- Electronic toll tags are obviously used every time you use a toll facility, but transponders are located everywhere along highways for traffic control. Have you see signs that display how long it will take to get to an upcoming milepost? Where do you think they get that information?
- Do you use public Wi-Fi, your cable provider’s hotspots or the “free” convenient Wi-Fi networks in malls and stores? Did you think that your location wasn’t tracked by those?
- See those cameras in stores, malls and other public places? Have you heard about facial recognition?
- Do you have a Transit Pass account?
- Do you use an urban bicycle rental like New York’s CitiBike? Have you noticed that your usage history shows the location and time you picked up the bike and likewise when you dropped it off?
- Do you use credit cards in stores? Did you know that the location where you use a card is recorded in a worldwide central database, ostensibly to detect card fraud through what’s called a “velocity check” (AKA as the “superman test”)?
- Have you heard of iBeacon? It’s a feature that tracks and reports the location of any device that has Bluetooth enabled on a device.
- What about Find My iPhone, which always knows where your phone is? And its feature added in iOS 12 that uses the Bluetooth signals from other phones to anonymously crowdsource the location of a missing phone?
Apple is about the only business in the world that does NOT track you.
