Also wven if it does not exhilarated user data now, it's one update from doing that tomorrow. Quite possible even via a targeted update on some specific people "not in favor".
If it was open source there is some chance a backdoor would be spotted (eq. by Linux distropackage msintainers), but not when a company is pushing obfuscated binary blobs preatty much directly to users.
Well, not directly, for most people that would be via Apple/Google stores.
And of course these stores could have secret functionality for shipping targeted updates.
But if it exists, this means that 1) none of the developers working on the store backend decided to leak info about it and 2) none of the targets have had an expert look at their device to find an unusual update that wasn't seen by anyone else.
Over time, the probability of either of those things happening would be going up…
