Most modern browsers allow websites to request your geolocation. This has legitimate benefits, as it allows websites to tailor their services to your individual needs and makes it easier for them to provide location-specific features.
It is also something of a privacy nightmare, as your browser can blab your real location to websites even when using a Virtual Private Network (VPN). Fortunately, this feature is opt-in by default and you can choose whether to use it on a case-by-case basis. You may, however, wish to turn it off altogether.
How does HTML5 Geolocation work?
The exact details of how geolocation works varies depending on browser. Desktop browsers combine clues such as your IP address, browser user agent information, and a list of detected Wi-Fi networks in your area together their signal strengths to estimate your location.
If this sounds scary, it gets worse on mobile devices where the above information is combined with mobile phone tracking data to pinpoint your location further. This includes your GPS data, mobile network information, and your phone’s unique IMEI identification number.
How accurate is geolocation?
In my tests, pretty darn accurate! Despite having a VPN enabled, mylocation.org was able to locate me to my actual address when using a desktop browser with its Browser Geolocation feature. On a phone, accuracy was to a few feet!
But don’t panic!
Browser geolocation support is opt-in
By default, all browsers will ask your permission before sending geolocation data to websites.
It is possible, however, that you (or maybe a family member) have changed accidentally your browser’s settings to enable geolocation by default. It is also common for malware to change browser geolocation settings.
VPNs and HTML5 geolocation
A VPN will hide your IP address from websites you visit, but this is bypassed if you permit the website to use geolocation.
As just noted, your browser should ask for permission before sending this data, but it is possible that it won’t. Sending geolocation data may cause a page to block you if it doesn’t allow connections from your location.
If a website can detect your location when you have a VPN running, the first thing to do is check that you don’t have IP leak by visiting ipleak.com. If on that page you can see any IP address belonging to either you personally or your Internet Service Provider (ISP), then the problem is an IP leak - not HTML5 geolocation.
Please see A Complete Guide to IP Leaks for more information and guides to fixing the problem.
Once you have checked to ensure that an IP leak is not the culprit, then you can try manually disabling geolocation in your browser.
Websites that Block VPN Users
It is increasingly common for streaming services such as Netflix and BBC iPlayer to block VPN users when they detect them. This is because many people use VPNs to watch content that is restricted to audiences in certain countries for licensing reasons.
It is important to understand, however, that these services do not somehow know where you really are. They simply keep a database of IPs known to belong to VPN services, and block anyone trying to access their website using one of those IPs.
Preventing IP leaks and disabling browser geolocation will do nothing to overcome such a simple but effective tactic.
How to Disable HTML5 Geolocation
You can completely disable geolocation in your browser using the following methods:
Disable Geolocation on Firefox (desktop and Android)
- Enter about:config into the URL bar and click “I accept the risk” (desktop only).
- Type geo.enabled into the Search box and then double-click its entry to set its Value to false.
Disable Geolocation on Chrome (desktop)
Go to Menu (≡) -> Settings -> Advanced -> Privacy and security -> Content settings -> Location and toggle “Ask before accessing (recommended)” to Blocked.
Disable Geolocation on Chrome (Mobile)
Exactly the same as above, except go to Menu (⋮) -> Settings -> Site Settings -> Location.
Disable Geolocation on Safari (macOS)
Go to Safari (top left on Task Bar) -> Preferences… -> Websites - > Location. Select “Deny” for any listed websites you do not want to your geolocation. To prevent all websites from accessing geolocation data in the future, select When visiting other websites: -> Deny.
Disable Geolocation on Safari (iOS)
Go to Settings > Privacy > Location Services -> toggle button off.
Disable Geolocation on Microsoft Edge
Edge is a Windows Store app, so to disable geolocation go to Window’s Start -> Settings -> Privacy -> Location and toggle “Location” to Off.
Disable Geolocation on Microsoft Internet Explorer
Go to Menu (cog icon to top right) -> Internet options -> Privacy tab -> Location and check “never allow websites to request your physical location” -> OK.
Disable Geolocation on Opera
Go to Menu -> Settings -> Websites -> Location and select “Do not allow any site to track my physical location.”
Disable Geolocation in Browser: Conclusion
Although HTML5 browser geolocation can be very invasive when it comes to privacy, it is not usually a problem as the feature is opt-in by default.
If you are of a paranoid disposition, however, or if a website knows where you are even with a VPN turned on and after you have checked for IP leaks, then you can try disabling geolocation in your browser.
Image credit: By Nucleartist/Shutterstock.