This research investigates the security architecture of Wi-Fi Positioning Systems (WPS), a technology that enables geolocation via wireless network triangulation. The study focuses on the exploitation of over-permissive APIs and static hardware identifiers (BSSIDs). Through the analysis of data leakage in current implementations, "The Silent Spy" reveals how unauthenticated queries can be used to harvest massive datasets, effectively turning commercial location services into open-source intelligence (OSINT) tools for mass surveillance.