This needs to be fixed. I can think right now of a place it could send someone to prison:

A sheriff's department in the South suspects a woman has left town,might be seeking an abortion and they know her phone number by any of the usual methods.

A detective fires up Signal and sends her a photo of ANYTHING, not indicating he's with the cops. If the target receives the message while in an out of state city containing a clinic known for abortion, that could be enough for a search warrant targetting her phone (for comms) her bank account (for payment information) and social media accounts. This could easily escalate to a conviction and a prison sentence.

In the case you described, if she had her smartphone with her and had a SIM card in it (aka any mobile network enabled, not just mobile data), her location would leak to the ISP with a much higher precision (hundreds of meters instead of hundreds of kilometers). Barely anyone turns off their mobile network at all these times.

Similar with Google and many smartphone apps, they would also leak your location, with much higher precision. Same for some cars and some payment services.

Yes, this sounds like a realistic scenario and yes, this calls for it to be fixed. A fix quite probably won't really protect anyone though.

Google Maps with location on and logged into Google might still be enough to determine not only that someone went to a state containing a clinic but whether they were inside the clinic or not! Google has moved user-visible location history from their servers to devices, but any similar history they use for ads is still subject to subpeona.

Back in 2021, this is how a lot of J6 insurgents were arrested. Cell tower data could not distinguish a spectator outside from an insurgent inside the Capitol, it's just not accurate enough. Google/Apple high precision location can though.

Thus, Google and Apple were served geofence warrants for every phone that was logged into Google or Apple and shown to be inside the Capitol during the time in question. The cops then filtered out all the phones of those who were supposed to be inside the Capitol and got warrants for the owners of all the rest.

Those phones that had location turned off or not logged into Google were not found this way, leading to a lot of J6'ers not being found unless they doxxed themselves on Facebook etc. I think (but am not sure) that phones last seen outside the Capitol that morning and then turned off also led to at least investigations.

I don't know how many of those fascist assholes were careful about data, but some of the cops estimated as many as 8,000 people may have gone into the Capitol that day. Less than 2,000 were ever caught.

I always assumed this was possible, and because of that I use phones with all of Google Play Services as well as Google Maps removed or disabled, and do not have a Google account. This is on top of location off by default.

We must learn not only from our own mistakes but also those of our enemies. We cannot secure anyone's phone by only fixing this issue in Signal, but this makes one less contributor to the problem.

I know Signal was written for general privacy (thus using Google Play Services if present etc) and was not written as a military encrypted communication system. In the current environment globally it sees a lot of use as exactly that however, as people not in state-supported outfits resist repressive governments.

Still, things have improved greatly since I first investigated encrypted radios in summer 2001 for what was to be huge fall 2001 IMF protests. I asked the Counter Spy Shop if they could get military digitally encrypted, spread spectrum radios. They said they could get them but they would cost $5000 each!

Today a cheap Chinese cellphone with all the bloatware and vendor malware removed over ADB, Google Play Services disabled, Google Maps removed, and Signal installed does almost the same job and has global range. Then there's Graphene...