do you know of a way to sandbox apps' data collection? I'm sure I'm using the wrong terminology, but I think that giving fake data to apps that require it is the best middle ground between AOSP with very few apps and indiscriminate data collection. Is this possible?
A good way is making heavy usage of user profiles. User profiles are almost entirely isolated from each other and apps can't directly communicate or transfer data between them. Each user has a different SELinux MLS level. That's really the best way to partition the data for apps.
You can avoid granting any 'dangerous' class permissions like read contacts, read shared storage, etc. but even without any of those apps within the same profile can communicate with each other which opens up a lot of opportunity for accidental data leakage by naive apps.
An OS with extended privacy features with support for providing fake data and an isolated shared storage directory (not aware of an implementation of either that truly works) would still have issues like that. User profiles are actually fully isolated and are a robust solution.
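As an added illustration of the "different SELinux MLS level per user" point above (this is not code from the thread or from any OS project), the snippet below decodes the MLS categories that Android appends to app process labels and groups processes by the user profile they run in. It assumes the `levelFrom=all` category layout used by Android's `seapp_contexts` handling, namely `c(appid & 0xff), c(256 + (appid >> 8)), c(512 + (userid & 0xff)), c(768 + (userid >> 8))`; the `ps -AZ` lines it parses are constructed samples, not output captured from a real device.

```python
import re
from collections import defaultdict

# Constructed sample in the shape of `adb shell ps -AZ` output (not real device output).
# Columns: SELinux label, unix user, pid, ..., process name.
SAMPLE_PS = """\
u:r:untrusted_app:s0:c123,c256,c512,c768 u0_a123  4321 1234 ... com.example.app
u:r:untrusted_app:s0:c123,c256,c522,c768 u10_a123 4401 1234 ... com.example.app
u:r:untrusted_app:s0:c130,c256,c512,c768 u0_a130  4455 1234 ... com.example.other
"""

CAT_RE = re.compile(r"^c(\d+)$")


def decode_level(label):
    """Decode (appid, userid) from an Android app SELinux label.

    Assumption (levelFrom=all layout): categories below 256 carry the low byte of
    the app id, 256..511 its high byte, 512..767 the low byte of the user id and
    768..1023 its high byte. Returns None for labels without an MLS category set.
    """
    parts = label.split(":")
    if len(parts) < 5:
        return None
    appid_lo = appid_hi = user_lo = user_hi = 0
    for cat in parts[4].split(","):
        m = CAT_RE.match(cat)
        if not m:
            return None
        n = int(m.group(1))
        if n < 256:
            appid_lo = n
        elif n < 512:
            appid_hi = n - 256
        elif n < 768:
            user_lo = n - 512
        else:
            user_hi = n - 768
    return ((appid_hi << 8) | appid_lo, (user_hi << 8) | user_lo)


def same_profile(label_a, label_b):
    """True when two app labels carry the same user id, i.e. the same profile."""
    a, b = decode_level(label_a), decode_level(label_b)
    return a is not None and b is not None and a[1] == b[1]


def group_by_user(ps_output):
    """Map user id -> list of process names, from ps -AZ style lines."""
    groups = defaultdict(list)
    for line in ps_output.splitlines():
        fields = line.split()
        if not fields:
            continue
        level = decode_level(fields[0])
        if level is None:
            continue  # not an MLS-labelled app process
        groups[level[1]].append(fields[-1])
    return dict(groups)


if __name__ == "__main__":
    for user, procs in sorted(group_by_user(SAMPLE_PS).items()):
        print(f"user {user}: {procs}")
```

Two copies of the same package in different profiles (the first two sample lines) decode to the same app id but different user ids, which is exactly what keeps them from sharing files or IPC under MLS enforcement, while two different apps in the same profile (lines one and three) share a user id and so only have the per-app categories keeping them apart.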