> It proves what the ad company Google itself could have done had they not been an ad company.
I think you make fair points, but I think this does not prove anything. CopperheadOS has a different user base than Android. A permission model that CopperheadOS users understand (e.g., CopperheadOS users are likely to be more technical) may not work for Android user base.
Their existence proves what was possible in stock Android. Why it didn't happen that way is open to speculation.
Personally, I feel it was because Google's main business did not, and does not, provide any incentives to design stronger permission and privacy models because it itself depends on collecting information about users.
Was usability also a factor? It may very well have been.
However, I disagree with a thinking that uses usability as an excuse to treat a user base numbering in the hundreds of millions as a homogeneous set who don't know anything, and who can't learn anything new.
People fall in a spectrum of capabilities, and more importantly, every individual is capable of moving around in that spectrum with time.
For example, a non-technical user who started out giving one app all permissions may realize their mistake when their email or phone number turn up in google searches, and become more careful with other apps.
Stock Android could have catered to that and standardized on a very granular runtime permissions as the default model. They already had existing ACL models like iOS / Windows policies / SELinux to copy from. They could have left the simplification to the market - the equipment manufacturers and users - to decide. But stock Android made it a binary all or nothing choice for a long time, and left it to equipment manufacturers to provide any additional protection, who of course didn't implement anything either because they too had no incentives to protect user information or standardize the security APIs.
Even now, Android's runtime permissions, while comparatively more granular, are not granular enough, and in practice become a binary choice where some apps refuse to work if a particular permission is not granted.
I have also noticed how Google in their PlayStore keep the permission information hidden away in an obscure location at the bottom of the page, and don't provide any way to filter apps by permissions. How do I search an app that lets me draw on images without asking for contact book information? Not possible without opening every app's page and checking their permissions. I usually try a bit, give up, and head back to gimp on desktop. Is it for better usability? Does better usability mean keeping users ignorant and uneducated? I think it's not a good approach, and based on anecdotes from my personal network, I also think it's a mistaken assumption.
I think you make fair points, but I think this does not prove anything. CopperheadOS has a different user base than Android. A permission model that CopperheadOS users understand (e.g., CopperheadOS users are likely to be more technical) may not work for Android user base.