Alas, no permissions doesn’t fully mean no privacy intrusion/violation. For example, system permissions are not needed to track how many times you calculate 8008135, and upload that statistic together with your IP address to a public website.
But basic internet permission is given to all apps without asking.
But it really shouldn’t be! And GrapheneOS, at least, always asks the user when installing apps that want network permission. If the user doesn’t plan on using any network-based features of the app, they can simply decline.
Alas, no permissions doesn’t fully mean no privacy intrusion/violation. For example, system permissions are not needed to track how many times you calculate 8008135, and upload that statistic together with your IP address to a public website.
Technically the network permission is required
But basic internet permission is given to all apps without asking. Network permission allows things like talking on lan on other ports.
To send data home only the general internet permission that every app has is needed. E.g. you ‘download’ an ‘image’ from https://stupidcompany.com/userbob/8008137_210x_in_24h/alsoclearlynot1337
But it really shouldn’t be! And GrapheneOS, at least, always asks the user when installing apps that want network permission. If the user doesn’t plan on using any network-based features of the app, they can simply decline.