[magic_hamster]

> This is a fairly broad problem

Permission greed is definitely an issue but it's still the choice of every developer, and there are still plenty of apps that do not do this. You were right to refuse using the app if you don't trust it.

> Handed over to the American authorities

At least on paper they need to have a reason, unless the corporation is very accommodating which also happens. But some companies are more strict about this and at least in theory accessing private information is not as easy in western countries. Or so I'd like to believe. I'm not sure in China you can tell the government official to come back when they have a warrant in a meaningful way.

> The only real solution is data protection laws

Sign me up! Unfortunately, the current state of things makes a lot of money for some parties, and legislators don't really have an incentive to do anything about this. However, it sends a very clear message when the Pentagon closes the door on some companies or when certain vendors like Huawei or ZTE are banned altogether.

[myself248]

> At least on paper they need to have a reason,

No they don't.

They need a reason to get a warrant. But if they simply buy the data from a broker, they don't need any reason at all, and there is utterly no oversight.

[ryandrake]

> Permission greed is definitely an issue but it's still the choice of every developer, and there are still plenty of apps that do not do this. You were right to refuse using the app if you don't trust it.

In fact, at least for Apple, their app store guidelines have, for a long time, prohibited apps from refusing to work without permissions. The app is supposed to gracefully degrade if the user does not consent to any particular permission. Their language seems to have softened[1] a bit since I last looked at it, but the intent is pretty clear: The developer can't just kill the app or prevent it from being used just because someone denied a permission.

1: https://developer.apple.com/app-store/review/guidelines/