It may seem that Android was built from scratch to have a sophisticated and strongly enforce system of per-app permissions but many of those privacy-sensitive permissions are poorly delineated and confusing. It’s like many of those permissions are poorly implemented on the apps and the worse thing is that you can’t allow both security and privacy on Android at the same time.
This may be a fundamental problem with the previous Android models as if you install the app with some poor permission system or you avoid installing it at all. Back then, that was an improvement on Apple IOS which didn’t even have the permissions model. But after various privacy scandals, the apps on IOS will be forced to ask for permission but that’s not enough. No apps or services are allowed to collect data as part of those scandals.
In Android 4.3, there were finally privacy protection enhancements but they were removed in later releases. You can unlock this functionality by installing tools like App Ops Launcher that allow you to control most of the privacy-threatening permissions your apps may dare to obtain.
It’s a shame that my Android device is not able to run Android 4.3 and besides, I feel like it’s already risky in trying to install CyanogenMod on it for privacy enhancement purposes. This means, I don’t know if CyanogenMod can work on my Android device even after various research done weeks or months ago. Good thing is that you can backup your apps to the SD-card before you attempt to install this.