Protection of privacy is currently a debated topic with regard to collecting and processing of location data via smartphones. This article seeks to discover whether meaningful protection of privacy is fostered by default location settings and the practice of seeking users' permission by requiring approval of general terms and conditions, or if these instead cause users to unknowingly share location data. The article also asks whether such practices comply with human rights law and European Union (EU) data protection law. Moreover, the article discusses whether it is feasible to adopt transparent, explicit and specific steps to secure user privacy at all levels of smartphone usage, and argues that users should enjoy some control over personal data associated with smartphone usage, including location, and that this control should be executed under a legal arrangement which also secures users' privacy and enables app developers' or operating system providers' lawful purposes with regard to processing location data.