Dallas has spent the past few years quietly building one of the more comprehensive surveillance infrastructures in Texas. Facial recognition software deployed by the Dallas Police Department, a city-sponsored camera mapping program, and AI-driven investigative tools have reshaped what it means to move through this city anonymously. Most people haven’t noticed. Their phones, however, have been keeping close tabs all along.
This is not a story about dystopian paranoia. It’s a story about what your Android or iPhone is doing right now while it sits in your pocket on the Katy Trail or across the table at Revolver Taco. The data it collects, the apps it feeds, and the networks it pings are a conversation most of us have been happy to ignore. That conversation is overdue.
The Invisible Paper Trail You’re Leaving Around Town
Every time you open an app in Dallas, there’s a reasonable chance that app is sharing your precise location with advertisers, data brokers, or both. A 2024 report by the Electronic Frontier Foundation found that a majority of popular free apps on Android devices share behavioral data with third parties as a default setting, not something buried in an opt-in menu. That data includes where you shop, which routes you drive, and how long you linger at a particular address.
It’s worth reading Dallas Observer’s earlier coverage of how the Dallas Police Department expanded its facial recognition program to understand the broader context. The point is that surveillance in this city now operates on multiple levels simultaneously: institutional systems run by law enforcement and the data-harvesting machinery quietly embedded in the apps people use every single day.
What Your Android Is Sharing Without Asking
App Permissions Are a Trust Deficit
The average smartphone user has granted location access to somewhere between fifteen and thirty apps. Most of those grants happened during a hurried installation process, when the alternative to accepting seemed to be not getting the thing you wanted. That permission didn’t expire. That app may still be pinging your GPS coordinates at regular intervals, even when it’s running in the background.
Audit your permissions at least twice a year. On Android, go to Settings, then Privacy, then Permission Manager. You will almost certainly find apps with location access that have no reasonable business requiring it. A flashlight app does not need to know you’re in Deep Ellum. A coupon aggregator does not need your coordinates at two in the morning.
Public Wi-Fi Is Still a Problem
Dallas has expanded its public Wi-Fi presence significantly in recent years, particularly around public transit corridors and downtown commons. That’s a convenience with a cost. Open networks can be intercepted by anyone nearby with the right tools, and the browsing habits or credentials you transmit over them are not inherently protected.
Using a reliable VPN on mobile is no longer an enthusiast move; it’s basic hygiene for anyone who regularly connects to networks outside their home. Tools like ExpressVPN for Android encrypt your internet traffic at the device level, which means that even on an unsecured network, what you send and receive is scrambled to anyone attempting to intercept it. This matters especially for users who check financial accounts, access work email, or store sensitive credentials on their phones.
The Apps You Should Actually Delete
Not every app is worth the privacy trade-off. Social platforms with ambiguous data-sharing agreements, weather apps that sell location histories, and shopping tools that build behavioral profiles are all candidates for removal. The question to ask isn’t whether you enjoy the app, but whether the value you get from it justifies what it takes from you in return.
Start with anything you haven’t opened in ninety days. Then look at free apps in categories where the business model isn’t immediately obvious. If the product is free and the company isn’t a nonprofit, you are the product. That’s not a cliché at this point; it’s a documented commercial model that regulators in Europe have moved to curtail while American legislative progress has been considerably slower.
Dallas Has a Patchwork of Protections, But Not Enough
Texas has biometric privacy laws on the books, dating back to 2009, that require companies to obtain consent before collecting biometric identifiers. Those laws have teeth in specific circumstances but leave significant gaps when it comes to behavioral data, browsing histories, and the kind of passive data collection that happens through legitimate commercial apps.
The city of Dallas has taken some steps, including a free mobile threat protection app called Dallas Secure that helps residents identify phishing links and unsecured networks. It’s a starting point, but relying on city-level tooling alone misses the broader picture. Local protections can’t intercept the data leaving your phone through apps governed by policies written in jurisdictions that operate under entirely different standards.
The Electronic Frontier Foundation’s Surveillance Self-Defense guide offers a thorough breakdown of mobile security measures organized by threat level, from basic hygiene to more advanced configurations for people who have specific reasons to worry about targeted tracking. It is one of the more consistently updated resources of its kind and covers both Android and iOS in meaningful depth.
Small Steps With Outsized Impact
Locking down your phone entirely is not a realistic goal for most people, and it isn’t necessary. What is realistic is making deliberate choices at the margin: reviewing permissions quarterly, using encrypted messaging apps for sensitive conversations, enabling two-factor authentication on accounts that matter, and being skeptical of any app that asks for more access than its function requires.
Dallas is a city that tends to value individual agency. The same instinct that makes Texans skeptical of government overreach should extend to the commercial entities quietly building profiles out of the daily movements and digital habits of millions of residents. The tools to push back exist. The decision to use them is still personal.
