Read data about contacts doesn't sound unreasonable for an app like Path though. Facebook uses that permission to sync contacts if you want, and I don't see any problem with that. Unfortunately, reading data means they can store it, off device, independently of the install state. That's a difficult problem to solve, but I don't think users should be expected to expect this as a result of that permission.

Exactly. WhatsApp wants permission to practically everything possible, because it offers various features on top of these permissions. Yet it never spammed anyone so far from what I can tell.

They might not spam users, but they don't let you delete contacts. So in short: once they grab your contact list, it's theirs.

Can you actually prevent an app from using one or more of those permissions? Like can I give it permission to my camera but not to the call log?

There is no official support for this AFAIK. Some 3rd party ROMs like Cyanogenmod have this functionality built in, though, and if you root your phone there are apps like "Permissions Denied" that you can run to do this.

I'd assume the reason Google is somewhat hesitant to offer this officially is that many apps don't deal well with this -- some do degrade gracefully, while others end up throwing task-ending exceptions because the app code just never planned for not being able to do some task which requires permissions declared in the manifest.

There is a simple solution for managing permissions for poorly built apps: serve them empty or fake data.

Every app already has to consider the case of GPS being unavailable indoors, the contact list only having one person (yourself) in it, or the camera picture being black in darkness.

Yes, that is a very good idea.

I'm sure some apps will fail anyway because they just never expected a contact list of 0 entries, but the list should be much smaller in that situation (mostly limited to those who do virtually no QA).

Sounds like a huge time investment and you risk bricking your phone? Doesn't seem worth it.

I have always wondered why Google doesn't add this feature. Creeping up the ladder of permissions is a problem in Android, and the user's choice is all or nothing. This can become a bad choice: Add a permission, or lose access to the data an app is keeping for you.

It would be easy enough for developers to catch security exceptions that Google would find little or no developer fall-off due to a requirement like this.

No. Only on some custom Android builds.