I agree about a) but b) does not make sense to me, otherwise you cannot instal the app in the first place. I think that a quick internet search about the apps privacy is sufficient for b), definitely better than automatic updates. And it does not have to happen for every release.
Given that it's impossible for a user to vet each update's content effectively.