I'm in the "let them fake it" camp, but at the same time I think the exception throwing version could work, with a single tweak borrowed from iOS: Let the app ask for the permission once, and only once. That way repeatedly bugging the user for the permission won't work as a strategy.