Phone privacy advice tends to come in two useless flavors: “buy a faraday bag” paranoia, and resignation. The practical middle exists — a 30-minute audit that closes the leaks that actually matter, on both Android and iPhone.
Permissions: the honest cleanup
Settings → Privacy (iPhone) or Privacy dashboard / Permission manager (Android) shows which apps hold which permissions — and on both platforms, which used them recently. The audit logic is simple: does this app’s job require this access? Maps needs location; the flashlight app that wants your contacts is answering a different question. Pay special attention to location, microphone, camera, contacts and photos. Demote location to “While Using” everywhere possible, and use “approximate location” for weather and news apps that don’t need your exact rooftop.
Location: beyond app permissions
Both platforms keep system-level location histories unless told otherwise — Google’s Timeline and Apple’s Significant Locations (buried in System Services). Disable or limit whichever you don’t actively use. Photos also embed location by default; both camera apps can strip it, and both share sheets can remove it per-share — worth knowing before posting photos of your home.
Ad tracking: the two-minute wins
iPhone: Settings → Privacy → Tracking → disable “Allow Apps to Request to Track,” and Apple Advertising → off. Android: Settings → Privacy → Ads → delete advertising ID. These don’t stop all profiling, but they cut the easiest cross-app identifier with zero downside to you.
The lock screen leaks
Your lock screen shows message previews, calendar details, and (by default) allows quick-settings access — visible to anyone holding the phone. Set notification previews to “When Unlocked,” require unlocking for the control center/quick settings, and reconsider what your always-on display advertises. Use a 6-digit PIN minimum or alphanumeric passcode; fingerprints and face unlock are convenient and fine for most people’s risk level.
App hygiene
Uninstall the apps you stopped using — every dormant app is a standing data pipeline and future breach exposure. Prefer the browser version of services you use rarely (the website can’t read your sensor data the way an app can). Check both platforms’ “unused app” auto-removal toggles. And before installing anything new, the ten-second check: do its requested permissions match its job?
Network and account basics
Public Wi-Fi is mostly fine in 2026 — everything important is encrypted in transit — but your account security matters far more than your network: a unique password and two-factor authentication on your Google or Apple account guards every photo, message backup and saved login you have. That’s covered fully in our two-factor guide; do it before everything else here, honestly.
What to skip
Phone “privacy cleaner” apps (data-hungry irony), camera covers on phones (the camera light hardware on modern phones is reliable), and VPNs sold via fear (legitimate uses exist — see our VPN guide — but a VPN doesn’t fix any of the above). The boring settings audit beats every product sold for the anxiety.
Related reads
- How to Extend Android Battery Life: 12 Settings That Actually Work
- How to Make Your iPhone Battery Last Longer: A No-Myths Guide
- How to Speed Up a Slow Laptop: The Fixes That Work (and the Ones That Don't)