First, you have those who stormed the Capitol and were identified by the NYT based on their phones location [1]. You also have the Substack that used location data to publicly out a priest as gay [2].
You then have the companies selling location data of people who visit abortion clinics [3]. They obtain this location from SDKs that they deploy via apps you may already be using. And if you want to get more dystopian remember that Texas allows citizens to sue anyone for "aiding or abetting a post-heartbeat abortion" [4], meaning that driving your friend Rebeca to a clinic can land you in a lawsuit for at least $10k by people who do this as their day job.
Even if you're not sued, remember that companies have been reliably predicting whether you're pregnant for at least 10 years [5] and using it to influence your behavior in their favor. This one may be the one with the "least bad" consequences but, paradoxically, the one that better drives home the point since nothing here is criminal.
[2] https://www.vice.com/en/article/pkbxp8/grindr-location-data-...
[3] https://www.vice.com/en/article/m7vzjb/location-data-abortio...
[4] https://www.cbsnews.com/news/texas-abortion-law-bounty-hunte...