I recently shipped Kofte, a digital knitting counter. The architecture is as simple as it gets. It uses a local SQLite database and a native Android UI. There are zero network requests written into the application code. In a sane world, I would compile the APK, host it on a server, and let people download it. But software distribution does not work like that anymore.
If you want normal people to use your tools, you have to meet them where they are. That means navigating the walled garden of Google Play.
The open source community will tell you to just publish on F-Droid. I love F-Droid. It is a brilliant repository that actually respects user freedom. But my target audience is not going to enable developer options, ignore three separate Android security warnings, and sideload an alternative app store just to count rows on a sweater. If you build tools for the general public, you are forced into a centralized ecosystem.
That is where absolute privacy purism hits a wall.
The friction starts the moment you upload your Android App Bundle. You might have written a perfectly isolated offline app, but the host operating system is heavily instrumented. Google Play Services hooks into everything. Even if your app lacks the INTERNET permission in its manifest, the Google Play Console will start populating with data. It aggregates install metrics, uninstalls, device models, and Android API levels. If your app throws an unhandled exception, the OS-level ActivityManager catches it and offers the user a prompt to send a crash log back to Google. You get a dashboard full of analytics you never wrote a single line of code to collect.
Then you hit the monetization problem. Kofte operates on a one-time purchase model. To process that transaction without getting banned for bypassing store policies, I am required to bundle the Google Play Billing Library.
Here is the weird part. My app still does not make direct HTTP requests. The Billing API uses AIDL to make local IPC calls to the Play Store app already running on the device. The Play Store then pings Google's servers to verify the purchase token. My app stays technically offline. The device phones home on its behalf.
This is where most indie developers get sloppy. I see landing pages that claim zero data collection. The reasoning is always the same: "I didn't import Firebase or Mixpanel, so my app is private." That ignores everything the OS and the store are doing underneath. If you did not write the tracking code, you can pretend it does not exist. But it does.
If you market a product on privacy, you owe your users the full picture, not just the parts you wrote.
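One way to check your own side of that picture, as an added example (not Kofte's code): compare the manifest you wrote with the merged manifest your build produces, since library manifests are merged into yours at build time. The package name and sample manifests are constructed, and both inputs are assumed to be plain-text XML rather than the binary form inside an APK.

```python
import xml.etree.ElementTree as ET

NAME = "{http://schemas.android.com/apk/res/android}name"
# Permissions that allow code inside the app's own process to reach the network.
NETWORK = {"android.permission.INTERNET",
           "android.permission.ACCESS_NETWORK_STATE"}

def permissions(manifest_xml: str) -> set:
    """Return every permission name requested in a plain-text manifest."""
    root = ET.fromstring(manifest_xml)
    found = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        found.update(e.get(NAME) for e in root.iter(tag) if e.get(NAME))
    return found

def audit(source_xml: str, merged_xml: str) -> dict:
    """Compare the manifest you wrote with the one the build actually ships."""
    own, merged = permissions(source_xml), permissions(merged_xml)
    return {
        "added_by_dependencies": sorted(merged - own),
        "network_permissions": sorted(merged & NETWORK),
        "no_network_permission": not (merged & NETWORK),
    }

# Constructed sample input: package name and manifests are illustrative only.
HEAD = ('<manifest xmlns:android="http://schemas.android.com/apk/res/android" '
        'package="com.example.counter">')
SOURCE = HEAD + "<application/></manifest>"
# Merged result when the only addition is the Play Billing permission.
MERGED_BILLING = (HEAD + '<uses-permission android:name="com.android.vending.BILLING"/>'
                  "<application/></manifest>")
# Merged result when a hypothetical dependency also requests network access.
MERGED_NETWORK = (HEAD + '<uses-permission android:name="com.android.vending.BILLING"/>'
                  '<uses-permission android:name="android.permission.INTERNET"/>'
                  "<application/></manifest>")

if __name__ == "__main__":
    for label, merged in (("billing only", MERGED_BILLING),
                          ("with network", MERGED_NETWORK)):
        print(label, audit(SOURCE, merged))
```

A clean result only covers what your own package declares. It says nothing about what Play Services and the Play Store send on the device's behalf.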
If you want normal people to find your app, you ship through the Play Store. The Play Store collects data whether you like it or not. That is the trade. The honest thing to do is say so, explain what the platform collects, and draw a hard line at adding anything on top. You cannot stop the platform from being the platform. You can refuse to make it worse.