Following the Multi-player Storage Tutorial it appears that all data pushed with putFile() are accessible publicly if the publish_data scope has been requested.
What is the recommended way for apps to keep some private information?
Would it be recommended to simply use the option to encrypt, or is there another layer of safety that hides the location of the file, or even to prevent third party access through the framework (at least to the same degree as if publish_data is not requested)? Or would you separate each component into individual apps with varying permissions?
For example, keeping a draft for publication could be private, contacts could be private, etc.