I agree, at least partially. I do think that in most cases, this will actually protect not-so-tech-savvy users from installing spyware.

What i do not like is the “babysitting” approach which is now really bad on ios and android. They act like all users are babies who can’t be trusted with making their own decisions. If I trust the app developer and I am aware that it has access to all files and what that means, I should be able to decide to use my smartphone that way, not the billion dollar corporation behind the app store. However Google can and should protect me by making this decision process easier and more informed, for example by showing what permissions are requested and maybe even a flag which indicates permissions that are not needed for any core functionality. I think that most users should be able to tell malicious permissions apart from actually needed ones.

My messaging app wants access to all my files? I don’t think so. My popular open source file synchronization app requests the same? Sure, go ahead.