Permissions that can have a large impact on user privacy should be requested only if they are really necessary to implement critical features of an application.