[Zigurd]

If you don't handle SecurityException you deserve to lose. Google made revocation of permissions possible, but then hid the capability. They chickened out. Making permissions revocable is one of the best enhancements Google could make to Android.

[drdaeman]

Developers don't really lose anything. A bunch of privacy-caring nerds who don't let spy on them too much? They're a tiny fraction, and even then, they've increased download counter.

If app doesn't handle exceptions, it's the consumers who are at loss. They either lose their privacy or service. Former is worse (in my viewpoint), but still...

(Obviously, losing some dubious malware-ridden "night vision" app is not real loss to begin with, but there are more high-quality apps that are quite disastrous from privacy viewpoint.)

[Zigurd]

Google has, at least, hinted in this direction. Developers should get a clue. Or they will find more junk data in their analytics, as users deploy more spoofing.

[drdaeman]

There's no incentive to get a clue. Typical users will click through anyway. And, well, if you don't get a clue you get a possibility to spy on your users.

Unless Google will start actively penalizing requesting more permissions than absolutely necessary, nothing will change. And, considering all top market players (including Google themselves) are actually interested in analytics and whatever and not interested in end-user's privacy, it's very unlikely scenario.