When “Safety” Apps Become Surveillance Engines

In September, a single misconfiguration in Life360’s Android API turned a “family safety” app into a map of human lives exposed. More than 442,000 users had their precise GPS trails, names, and phone numbers dumped online by a threat actor known as Emo.

The paradox is plain: the very platforms marketed as protection too often become surveillance liabilities. This is more than a technical lapse—it strikes at constitutional debates over the monetization and involuntary disclosure of location data.

The pattern extends to our roads. Volkswagen’s Cariad division left cloud storage misconfigured for months, leaking precise navigation histories of nearly 800,000 EV owners—movements that could be reconstructed with forensic accuracy. Stellantis, maker of Jeep, Chrysler, and Fiat, confirmed a separate breach of its Salesforce database, with 18 million customer records stolen. Even when the exposed data is “only” contact information, the incident underscores how connected‑vehicle ecosystems—telematics, fleet management, and cloud integrations allow connected cars to be rolling data centers and targets.

These events form a single cautionary arc: when GPS tracking is baked into mobility platforms and “safety” apps, the risk is not hypothetical. Misconfiguration, breaches, and monetization schemes can turn convenience into a permanent surveillance archive.

Purism, as a Social Purpose Corporation, exists to break that arc. On all of our Librem and other Purism devices, location access is not a buried software toggle—it is a physical kill switch under the user’s control. We reject “safety” paradigms that depend on harvesting and selling location trails. Our architecture ensures that location privacy is a right, not a feature, and that the GPS chip remains silent unless the user says otherwise. In our world, neither your phone nor your car should be a silent witness against you. This is privacy‑by‑design as a social mission, embedded in our charter, and it is the only sustainable defense in a landscape where convenience is too often purchased with the currency of personal freedom.

That mission extends to the most vulnerable. Purism affirms that well-crafted security for minors can—and must—be designed without surrendering personally identifiable information. Our software architecture enables guardianship without surveillance, allowing parents to configure age-appropriate protections while preserving the child’s digital sovereignty. We reject the false binary that safety requires data extraction. Instead, we build systems where consent, control, and privacy are foundational—even for those too young to assert them.

This ethical foundation is codified in Purism’s Digital Bill of Rights, which affirms that privacy, security, and freedom are not optional—they are essential. We invite every user, developer, and policymaker to read it, adopt it, and hold technology to its highest standard. Surveillance is not safety. Consent is not optional. And digital sovereignty must belong to everyone.

Purism Products and Availability Chart

Model	Status	Lead Time
Librem Key (Made in USA)	In Stock ($59+)	10 business days	Learn More Buy Now
Liberty Phone (Made in USA Electronics)	In Stock ($1,999+) 4GB/128GB	10 business days	Learn More Buy Now
Librem 5	In Stock ($799+) 3GB/32GB	10 business days	Learn More Buy Now
Librem 11	In Stock ($999+) 8GB/1TB	10 business days	Learn More Buy Now
Librem 14	Out of stock	New Version in Development	Coming Soon
Librem Mini	Out of stock	New Version in Development	Coming Soon
Librem Server	In Stock ($2,999+)	45 business days	Learn More Buy Now
Librem PQC Encryptor	Available Now, contact sales@puri.sm	90 business days	Learn More Contact Us
Librem PQC Comms Server	Available Now, contact sales@puri.sm	90 business days	Learn More Contact Us