Also, any data information collected by a US company also has 'a nonzero chance of being handed over to the American authorities for any reason whatsoever'.
The only real solution is data protection laws that can be enforced not just by governmental authorities, but also by individual and class-action lawsuits against companies that violate those laws.
I don't know how iOS works, but on Android location data permissions are requested for anything involving networking (including Bluetooth, WiFi). Why? Because access to those could be used to estimate where the user is physically located, so gating it behind the location permission is a good way to ensure nobody exploits that. It's not necessarily obvious when you're presented with the permission screen though.
I used a few apps that utilize Bluetooth without asking for location, even when they aren't the obvious use case (like headphones), although admittedly it's been a while since then.
Afair, I don't recall the Mimo app asking me to turn on wifi for the stabilizer. But maybe yes and I just turned it off after connecting to the device. The operation of the stabilizer is through Bluetooth.
Permission greed is definitely an issue but it's still the choice of every developer, and there are still plenty of apps that do not do this. You were right to refuse using the app if you don't trust it.
> Handed over to the American authorities
At least on paper they need to have a reason, unless the corporation is very accommodating which also happens. But some companies are more strict about this and at least in theory accessing private information is not as easy in western countries. Or so I'd like to believe. I'm not sure in China you can tell the government official to come back when they have a warrant in a meaningful way.
> The only real solution is data protection laws
Sign me up! Unfortunately, the current state of things makes a lot of money for some parties, and legislators don't really have an incentive to do anything about this. However, it sends a very clear message when the Pentagon closes the door on some companies or when certain vendors like Huawei or ZTE are banned altogether.
No they don't.
They need a reason to get a warrant. But if they simply buy the data from a broker, they don't need any reason at all, and there is utterly no oversight.
In fact, at least for Apple, their app store guidelines have, for a long time, prohibited apps from refusing to work without permissions. The app is supposed to gracefully degrade if the user does not consent to any particular permission. Their language seems to have softened[1] a bit since I last looked at it, but the intent is pretty clear: The developer can't just kill the app or prevent it from being used just because someone denied a permission.
In order to use bluetooth or internet access through wireless means you must request location access because it's assumed that you can match a person's location with the access points and bluetooth devices around them (BL beacons). It sucks but Android is semi-right on it. Something that doesn't use wireless means of communication doesn't need location access.
You're confused: Their primary business is data marketing. LAN analysis or anything useful the apps might do are a side business at best.
