But some of this data — on the system, that is — is available to all software on that system, at least as things are now. (We could do a lot more sandboxing, but that’s a whole 'nuther layer of work.) Right now, if some third-party app you install wants to copy all of your hardware info, the installed package set, and /etc/passwd, there’s not really anything to stop it.