Comment by bagacrap

A native app, once installed, basically owns you. With a web app you have to explicitly grant permission for each and every API (of the kinds listed in TFA at least). Are you in the habit of accidentally clicking "accept" in a series of permission prompts? Even if the answer is yes, it's ok, as it's very easy to revoke the permissions in your browser.

There's no way you can argue that a single "grant all permissions" step is more privacy friendly than fine grained permissions.