I find the idea of capability based access control quite interesting 
It’s worthwhile to mention that this is apparently also being looked at by the big players: Google is currently developing a new (mobile?) OS called Fuchsia, that is supposedly built around a capability based model as well.
That being said, i dunno about this from the user perspective. Either apps would have to request these capability tokens when they need them, in which case it would look pretty much the same as the permission based model from a user perspective. Or users have to “manually” create capability tokens and give them to an app, which adds lots of more steps to the process and makes it more difficult to understand for many users.
Furthermore, capabilties are still between the data and the app, which would discard the idea of prohibiting sharing of data as opposed to prohibiting access to data.