I'm really over trying to fight companies on this on an app-by-app basis. If we want this to stop, it has to be through legislation. Either we allow companies to do it and stop acting shocked when it happens, or we legislate the possibility away.

Probably the likeliest solution is at the software level. There's no reason there couldn't be software to send fake locations to apps that you don't make an explicit exception for.