Finer grained controls...
I see several posts here asking why Android can't have finer grained control over what information is used for what. For example, an application (e.g. a mapping app) may need access to both location data, and internet access, but you wouldn't want it sending that location data over the net for advertising purposes.
Unfortunately, because Android apps are written in Java, which has no data 'tainting' (AFAIK), once this information is given to the app, there is no way of knowing whether the app is passing it on to a server somewhere, without having controls on the execution of every line of code. This is clearly impractical.
Some languages (such as PERL) have a concept of data tainting. For instance, with this turned on, data entered by a user cannot be executed as code, without first being 'untainted'. In the same way, a variable containing personal information could be marked as tainted. Any variable then being assigned from this value would also be marked as tainted. Without explicit permission, tainted variables could not be used to generate content sent over the internet. problem solved. Unfortunately, as I said, I don't think Java has this functionality.
Of course, this does raise the issue that if you have too many different access permissions, users are more likely to gnore them. Also, there will always be plenty of people who don't realise, or care about the implications of allowing an unscrupulous app developer access to all of your personal information.
I don't see how this is solely an Android problem anyway; surely the same technical problems exist for any platform that can be given access to both personal data, and the internet.