I have used many apps which dont demands for ops permission work offline , less battery consuming than the google apps work great such as xplorer (fewer permissions), musicolet mp3 player (no permissions)
List item Can such apps be issue for data privacy ?
List item If yes how would they transmit our data ?
List item Can any app communicate with another app installed in the device in the backgroud?
List item Can any game installed in a phone access internet browser app of the phone ?
Older version of android (pre 10) would permit you to read the clipboard on change without requiring any permission (in the background).
You could also take this collected data and encrypt it, then send it as a stats event to google analytics (not sure if google stats works now without network permission, it would however queue the items until you are online).
Once the data is in google analytics you can pull it via API and decrypt it.
Yes hans, I have seen and tested one application on our fdroid which is created by one of our friends to show how any app can access whole applist, proximity sensor without any permission. I forgot the name of app but I have tested that app on my device.
PrivacyBreacher (showcase privacy issues in Android) - PrivacyBreacher | F-Droid - Free and Open Source Android App Repository
I don’t think you could tell if an app is calling specific API methods
at runtime, that would be possible with static analysis of the APK.
Basically, make a list of the method calls, then use apkanalyzer or dexdump or something to see if it is calling those methods. Likewise,
you could look at the AndroidManifest and the methods to see if an app
is setting itself up to receive specific broadcasts from Android, like PACKAGE_INSTALLED.