Walking back Scoped Storage

What to expect from Google I/O 2019, ArsTechnica covers Scoped Storage.

'In Android Q, "Scoped Storage" is the idea of limiting storage access as much as possible, even for apps that need access to storage. Each app gets its own "isolated storage sandbox" on a device, and this private chunk of storage requires no permissions for its owner app to read and write to. Access to shared data still requires permissions, but instead of a single "all storage" permission, access is now broken down into four collections: "Photos," "Videos," "Music," and "Downloads." Photo Exif data can include the GPS location of where a photo was taken, so to prevent the user's location from leaking via the photos permission, there's also a new "Access media location" permission.'

With all the pressure on social app makers to improve privacy and confidentiality. We now see Google introducing the POLA (the principal of least authority) to both client and server. Really a back-fit of permissions toward object-capabilities in the computing ecosystem from OS to the User. page