Separate UIDs is important, but so is the security policy around them. Does Windows Mobile lock things down to the point that one app can write files out to its persistent store and have some guarantees that no other app can read them? If you were building something like, say, a DRM-enforcing app (e.g., the Kindle app), that sort of thing would be a prerequisite to keeping your secrets safe.