I hear ya (purging tumbler-common will rid all the dependants) but I regard gvfs as a more significant "soft spot". Last I checked, any data/metadata written into the gvfs datastore by an app running as your user, can be read by any other gvfs-aware app launched by your user. Example: user installs "Gnome Maps" ~~ upon each launch, without gaining informed consent (and, in fact, performed entirely out-of-band) it retrieves gvfs-resident geoclue data and transmits your gelolocation to a "partner" remote server. The plausible deniability (er, rationalized justification) for this default behavior:
"user might want to view a 'YouAreHere' local map so, forYourConvenience we preload and cache a 'here' map"
____________
related:
GECOS
accountsservice
^----- known, predicatable, location ripe for exfiltration of personal details via accountsservice -enabled apps (or their plugins//addons)