Okay, first of all I’d like to thank all of you for your replies.
Now, regarding the given solutions. The case & cutout cover idea I had thought of earlier. I am afraid that a (loose) layer between the case and phone is really impractical, because the layer could potentially move, revealing the sensor, resulting in me accidentally pressing it. The layer would need to be adhesive, if I want to prevent it from sliding to the side. That’s why I came up with the sticker idea. I’ve read about the duct tape idea in the linked thread, looks interesting, and will investigate (perhaps tape my current phone in the same way to check its practicality.
Second idea, the nail polish. Would it void warranty? if not, the problem is, if the polish slowly erodes, the scanner might start working again, without a clear indication of when. It would start to read my print again, without me knowing for I don’t know how long. And reading it once is enough. Unless you have some evidence that it permanently disables the scanner somehow?
Now, regarding the safety aspect. First and foremost, I find it annoying that every phone collects more and more personal information as the years pass. I would gladly enter a pin instead of a fingerprint, and I see fingerprint scanning, or any use of biometric data as unethical and superfluous (or any kind of bulk data harvesting for that matter).
A fingerprint is unique, and can only be used once. You cannot change it over the course of your life. Sure, it might get stored in isolation onto the chip encrypted*. But, given the history of hardware backdoors (think of intel IMEI, as a crude example), and the extreme difficulty in exposing them (who will put every manufactured hardware chip architecture under an electron microscope to verify that it has no built-in backdoor structures), I find it hard to believe that the isolation of the validation data onto the chip itself is the standard across all devices de facto. It is only standard if the standard is implemented (correctly). Even if it were secure, I simply do not care. I just don’t want my fingerprint to be used. Is that too much to ask?
I know there’s a lot of alternative fingerprinting methods already in use for data harvesting, such as behavioral uniqueness and browser fingerprinting. I know that if I buy a smartphone, I am feeding the ever-hungry data beast. I know I am hypocritical in a sense. I just want to minimize the data that is collected, especially if it is biometric.
It just frustrates me to no end when I google “physically disable fingerprint sensor”, for example. Instead I seem to only get answers on how to enable the sensor or how to repair it. Another solution given is disabling the drivers, but this is on the software level, not on the physical hardware level. Any backdoor architecture baked into a hardware component of the phone might circumvent the whole ordeal.
There was a time that there were many (or at least more relevant) posts about how to undo a phone’s tracking capabilities. It seems that over time, posts about this are not to be found anymore. Perhaps I am looking in the wrong place. Maybe people have given up on the fight for privacy (convenience won)? Or maybe (puts on tinfoil hat) Google does not like anti-tracking measures taken by people, as it would drop their revenue (A.I. driven data collection optimization reflecting in the search results, maybe?) Perhaps relevant information is only to be found on the deeper layers of the web these days. Whatever the reason, it frustrates me to no end.
I will remove the front camera of the phone, as I have no use for it. I would just like to be able to remove the fingerprint scanner as well. Sadly, now it is part of the core module. I do not suspect Fairphone will look into decoupling the fingerprint scanner (and other sensors e.g. GPS, accelerometer and gyroscope) from the core module, but it is something that I would appreciate very much, and I would like to voice this opinion in my post.
[*] It might not be an image of your print that gets stored, but the bare validation data, resulting from your print is as unique as a picture of a fingerprint is. Once the isolation layer is broken, and this validation data is harvested, in a sense the hacker still has a unique fingerprint identifier. He just has to throw a picture of your fingerprint through the same algorithm used in your phone, and match it with the obtained validation data to confirm it is you.