I suppose the distinctions between the OS and “just an app” are blurred on any OS. One might argue anything that isn’t the kernel is just userland software on conventional Linux.
On Android, anything a third party could deliver without system or root privileges is “just an app”. That includes keyboards, launchers, messaging apps, image editors, and smarthome device managers, but not direct management of network connections, notifications, or direct interaction with other apps (i.e. outside of intents or over the network).
If you’ve used an Android device with root access, you’ve seen things that fail this test. Anything that needs root to work can’t be delivered to most Android users unless it’s part of the OS or a system app.
I think even something like Drip is not sufficient in this kind of situation. If the police can compel someone to unlock their phone and decrypt data, then being local-only won’t stop them. Of course it’s a lot easier to ensure that no data exists if it’s local-only and something happens that might attract the interest of the police.
Nothing in this comment should be construed as legal advice.