Location requirement to scan for BLE devices

Question

BLE scanning faced a remarkable difference Marshmallow onwards with the requirement of location of device to be ON. Technically, I don't see a valid reason why location would be required to scan for BLE devices. Why has this been done by Google?

Answer 1

Q: Why has this been done by Google?

A: Because BLE scanning is commonly used to determine a user's location with Bluetooth LE beacons.

I discussed this with Google engineers at a Q&A session at Google I/O 2015 when the change was still not released. At the time, my concern was having to ask for Bluetooth LE Admin permissions to scan for location beacons. For me, this was a problem because users understood that my app needed to find a user's location, but did not understand why it needed to administer Bluetooth.

The engineers' response was that location permission (and location on) would be needed to do this in Android M to make this clearer to users. Unfortunately, from my perspective Bluetooth Admin permission is still required for historical reasons.

You can certainly disagree with Google's decision. But the reasoning is clear. If an app can scan for Bluetooth devices and can read their MAC addresses or other identifiers, it can also determine a user's location if the app developer knows where some of these scanned devices are located.

Why the same location permission logic does not apply to scanning WiFi or Bluetooth Classic (both of which would allow the same thing) is less clear. Perhaps it is just that Google was preparing to join the Bluetooth LE beacon game with their Eddystone standard.

Correction: Location permission is required for WiFi scans.