Use an append-only interface.
Use a local server; or make the computer inoperable unless the network is working (however at some cost in convenience to you in some scenarios).
Yes, indeed. What is the actual threat model here? @Jenny
Local attacker?
Remote attacker?
What type of target device? Portable? Not?
It is always worth considering the flipside of this.
You are creating an attractive cache of information that may be used against you. Which is the greater risk?
If the last decade has taught us anything it is: don’t allow the collection of information without a cost/benefit analysis.