[bozzcl]

Same boat here. I dumped WhatsApp mostly because it's owned by Facebook, which I consider a bit of a privacy risk by itself. On top of that, the app requests access to lots of permissions I don't understand the need for.

Some examples: find accounts on the device, view WiFi connections, retrieve running apps, use biometric hardware.

[Digit-Al]

I can see how the first two might be required.

"Find accounts on the device" is possibly required to connect to your account in order to get your contact list. "View WiFi connections" is possibly needed for getting internet connection.

I can't really see any possible use for the other two though.

I've only looked extremely shallowly at Android development, but I am aware that quite often you need to ask for some particular permission to get access to something that's not particularly obvious from the permission name.

Not trying to give Facebook a free ride here, I am well aware that there is a very high chance they want some of the permissions for "nefarious" purposes. I think companies should have some transparent way of publishing why they want a particular set of permissions.

I have seen companies showing a message along the lines of "we will be asking for <permission> we need to ask this for <reason>" and I do think more companies should do this.

[collyw]

Wifi makes sense, as you can configure apps to only work over wifi (and from what I remember you can do backups only when wifi is available).