I have a few more questions about how profiles work and what benefits I can get from them. Let's take a look at this step by step: the starting point is a freshly installed GrapheneOS with only FOSS apps in the owner profile.
• Scenario #1:
If I now install sandboxed Google Play in my owner profile, it shouldn't make any difference from a privacy point of view compared to before, right?
Because my FOSS apps don't have any dependencies on Google services and therefore don't interact with them. It should be the same the other way around. Since the Google services are sandboxed and have no permissions, they can't interact with my FOSS apps either. So it makes no difference if they are present or not.
• Scenario #2:
Let's go one step further: FOSS apps and sandboxed Google Play are installed on my owner profile. Now, if I want to install a proprietary app, for example Netflix, I have the option to install it in my owner profile or in a new user profile.
Would there be any difference at all between these two options from a privacy perspective?
As I understand it, a second user profile would not give me any privacy benefit in this case. In the owner profile, Netflix would also be sandboxed, can only see its own files via storage scopes, and otherwise has no way to interact with my other FOSS apps.
• Scenario #3:
The last scenario is to install a proprietary app that requires access to personal data. Let's take WhatsApp. Again, I have the choice to install the app in my owner profile or in a separate user profile.
This time, there is a difference. For WhatsApp to work, I have to allow the app to read my contacts. If that's not a problem, you can install WhatsApp in the owner profile. But if it bothers you, you have to install WhatsApp in a different user profile. There you can create a new contact list, which will only contain the contacts you need.
The conclusion for me from these considerations is that it does not make sense to use a second user profile if you do not use a VPN and only use applications that correspond to scenario 2.
Am I right about this, or have I not considered something?
So my setup will look like this:
• Owner Profile:
◦ install sandboxed Google Play (without account if possible)
◦ revoke all permissions from sandboxed Google Play (network & sensors)
◦ install all my apps (FOSS & Google Play)
• Second User Profile:
◦ install sandboxed Google Play (with throwaway account)
◦ this profile is only used to update my Google Play apps, because the Play Store in my owner profile doesn’t have an internet connection. Apps are installed system wide, so updating apps here will update the apps in the owner profile too.
• Third Profile (Maybe)
◦ for my banking apps. More for security reasons than privacy reasons.