There was a big push a few months ago, a year ago, who knows, Internet time is weird, when McDonald's updated their terms of service on their app and added a clause like this. There were a lot of posts on social media, Reddit, fedi, etc to make sure people didn't agree to the new terms or download the app if they never had it.
There are people that pay attention to it, and even research papers done on it. A lot of the common apps started doing it at the same time. Venmo has it, Pinterest, Facebook, etc. things you wouldn't think of that would have cases like this. But certain ones stick out because of the seemingly more real world complications (I mean, venmo could have fraud, Facebook could have cyber bullying, etc), but McDonald's could have health issues, Disney clearly this is the case.
I find this to be a breakdown of training, because the training was pretty clear years ago when I had clearance with the navy that we were never to use apps like this that could disclose location, not just while on-duty or on base, but at any time that our location could be given away. We were specifically not allowed to have Fitbits or other smart watches (Fitbit was the big one at the time) that could share location and any apps that wanted to know our location (yes, on our personal phones) needed to be cleared by IT because we were people that had been granted clearance and therefore could not give away critical location information.
The big scandal that got a lot of people into trouble was Pokemon Go, because not only did it use location, but I guess it used camera too? I didn't know, I didn't play it, but using cameras on base was a HUGE no-no, so using an app that shared location AND picture during your lunch break broke the brains of the COs.
It seems so weird to me that this is something that is so widespread right now. I didn't work for the navy anymore and haven't in a while, but I still follow the basic safety protocols about not sharing sensitive information.