I’ve spent years watching how small settings and default options quietly hand over pieces of our lives to companies and apps. Smartphones are powerful tools, but they’re also the most intimate data collectors we carry. If you want to stop silent data leaks—location pings, background mic access, or apps hoovering up photos—there are concrete settings you can change today that make a big difference without turning your phone into a brick.
Start with the big wins: system updates and app hygiene
Before diving into granular permissions, I always make sure the basics are covered. Many “leaks” happen because of old software or malicious apps.
Install OS updates (iOS and Android) as soon as they’re available. These patches close security holes that can be exploited to siphon data.Uninstall apps you don’t use. If you haven’t opened an app in months, remove it — every app is a potential data collector.Review app store reviews and developer reputations. Apps from unknown publishers that request many permissions are red flags.Location: cut GPS access without losing core functions
Location is one of the most sensitive data types. I keep location strict and deliberate.
iPhone: Settings > Privacy & Security > Location Services. Set apps to “Ask Next Time” or “While Using the App.” Disable “Precise Location” if an app doesn’t need exact coordinates.Android: Settings > Location. Use the “App-level permissions” or “Permission manager” to set location to “Allow only while using the app” or “Deny.”Also turn off Wi‑Fi/Bluetooth scanning options that let apps approximate your location when GPS is off (Settings > Location > Wi‑Fi and Bluetooth scanning on Android, similar controls in iOS under System Services).
Camera and microphone: grant only what’s needed
I treat camera and mic access like home keys: only for trusted apps and only when actively in use.
Use “Ask” settings: iOS and Android allow you to choose “Ask Next Time” or “While Using.” Never choose “Always.”Check background access: some apps request microphone/camera access for background listening. Deny those.Inspect the app’s purpose. A flashlight doesn’t need camera access — that’s a red flag.Photos and files: use selective access
Apps don’t need full access to your entire photo library. I give access selectively.
iOS: Give access to “Selected Photos” rather than “All Photos.”Android: Use scoped storage permissions (Android 11+ lets you grant access to specific files or only media). Avoid granting full file system access unless strictly necessary.Background app refresh and running in background
Apps that run in the background can quietly send data. Limit background activity.
iOS: Settings > General > Background App Refresh — turn off for apps that don’t need it.Android: Settings > Apps > [App] > Battery > Background restriction or restrict background activity.Ad tracking and analytics: shrink your digital footprint
Ads and analytics are major trackers. Reduce their reach with built-in controls.
iOS: Settings > Privacy & Security > Tracking. Toggle off “Allow Apps to Request to Track.” Also use Settings > Privacy & Security > Analytics & Improvements to limit sharing diagnostics.Android: Settings > Privacy > Ads. Enable “Opt out of Ads Personalization” and reset your advertising ID periodically.Clipboard and deep linking: watch for sneaky reads
Apps increasingly read the clipboard without clear reason. I refresh the clipboard and limit sharing.
Both iOS and Android now notify you when an app reads the clipboard; deny or uninstall apps that do so unnecessarily.Be cautious when copying passwords or sensitive content—clear the clipboard if you’ve copied something sensitive.Bluetooth and nearby devices
Bluetooth can be used for proximity tracking and passive data collection.
Disable Bluetooth when not in use. For apps that use Bluetooth, only grant access when the app is active. On iOS, check Settings > Bluetooth and in the app permission panel; on Android, use app permissions to control Nearby Devices/Bluetooth.Privacy dashboards and auditing tools
I regularly audit what apps are doing with built-in dashboards.
iOS App Privacy Report: Settings > Privacy & Security > App Privacy Report — see which apps accessed location, camera, mic, contacts, and network activity.Android Privacy Dashboard: Settings > Privacy > Privacy Dashboard — view permissions used in the last 24 hours and which apps accessed them.| Setting | iOS | Android |
|---|
| Location | Ask Next Time / While Using / Precise toggle | Allow only while using / Deny / Permission manager |
| Tracking | Allow Apps to Request to Track (off) | Opt out of Ads Personalization / reset Ad ID |
| Background Refresh | Background App Refresh per app | Background restriction / battery limits |
| Privacy Audit | App Privacy Report | Privacy Dashboard |
Network privacy: VPN, DNS and public Wi‑Fi
Data leaks often happen over networks. I use encrypted connections and cautious Wi‑Fi habits.
Use a reputable VPN when on public Wi‑Fi. It encrypts traffic and prevents local network snooping. I recommend vetted providers like Mullvad, Proton VPN, or ExpressVPN depending on your threat model.Use DNS over HTTPS (DoH) or DNS over TLS (DoT) if your system or browser supports it (Chrome, Firefox, or system-wide settings on Android 9+).Disable auto-connect to open Wi‑Fi networks and forget networks you no longer use.Browser privacy and cookies
Your browser is a hub for tracking. Tighten its settings and use privacy-first browsers when needed.
Use browsers with strong tracking protections: Safari (built-in Intelligent Tracking Prevention), Firefox, Brave, or Chromium with privacy extensions.Clear cookies and site data periodically. Use private/incognito windows for one-off sessions.Passwords, backups, and two-factor authentication
Data access can come through account compromises. Lock down accounts to limit fallout.
Use a password manager (1Password, Bitwarden, or iCloud Keychain) to create unique, strong passwords.Enable two-factor authentication (2FA) for important accounts and prefer authenticator apps or hardware keys (YubiKey) over SMS.Encrypt backups: ensure that iCloud backups are encrypted (iOS offers encrypted backups) and on Android use secure backup options. For local backups, encrypt them and store them securely.Advanced: sandboxing, app store alternatives, and tracker detectors
If you want to go further:
On Android, consider using a work profile or a secondary user for less-trusted apps. Tools like Shelter or Island sandbox apps can help isolate them.Use tracker-detection tools like Hunter, Exodus Privacy (for Android), or mobile VPNs with tracker-blocking features to scan apps for embedded trackers.Be wary of sideloaded apps or apps from third-party stores—these increase risk unless you trust the source.Changing these settings doesn’t require technical mastery—just a few minutes and a bit of discipline. I routinely check the privacy dashboard, revoke permissions I don’t recognize, and uninstall apps that ask for too much. Small changes add up: fewer unwanted push notifications, less unsolicited ad personalization, and significantly less chance that my phone is quietly feeding data about my life to third parties.
If you’d like, I can create a short checklist you can open on your phone to walk through these settings step by step. Tell me whether you’re on iOS, Android, or both, and I’ll tailor it to your device.
