So if I download an image from the web with GPS data, and then open it in an app that just reads images (so it doesn’t need location permissions)… That app (on some phones) gets a modified version of the file?

Which could make me think that the image doesn’t have location information.

Which could result in me uploading that file using a browser (that does have location permission turned on) to a website, and I think it’s safe to share because there’s no private information in the image, but my phone has conspired to mislead me.

Yes, that is cursed.

From what I recall they were saving all the packets being broadcast as they drove past. (as opposed to only logging SSIDs)

Edit: Yup, it is as I had thought - but also it was more intentional than I had remembered: https://www.wired.com/2012/05/google-wifi-fcc-investigation/

(unpaywalled link) https://12ft.io/proxy?q=https%3A%2F%2Fwww.wired.com%2F2012%2F05%2Fgoogle-wifi-fcc-investigation%2F