All apps hook into Android’s location services, the reason for this is
- Only one connection can be made to the GPS module at a time
- Prevents polling from multiple apps that may be processing the same data
- Allows smart logic to be applied to polling for coordinates such as aggregating accelerometer data.
It sounds like what you are talking about is that Android (Google) should push this data to one location where it can be accessed by multiple consumers. They do have this, it is called Google+ (Formerly Google Latitude), however most people do not want Google to archive their location data points, nor do they really want ST to do this. So ST has chosen to have their application access Android’s location service and process the events locally on the phone then send that notification of breaching a geofence to the ST API.
In the Google+ method they would have to constantly poll their API for changes to the location or setup a callback to be notified when a geofence breach occurs (not even sure if this is possible on the Google+ API). Added to the fact that Google has been changing their location APIs heavily over the past few years, developers are not quick to jump on using any Google geo-reporting services.
I believe at a minimum we need read-only and control-only users implemented into ST, where they can only view status of switches/sensors, and in the case of control-only can not actually install apps/things or modify smartapps/things. I think most of us would have our spouses/children on the control-only accounts. I understand you concern, she doesn’t want a full tracking app like Life360, and you don’t want her to be able to mess up what you have setup in ST.