Privacy question about custom ROMs running on Pixel devices

Hello community. I’ve been extensively researching deGoogled products as I’m looking to switch. I noticed that almost all custom ROMs are working with Google Pixel devices. with some (like GrapheneOS) exclusively working on such device.

I have a general question regarding the privacy around Pixel devices. How is the privacy guaranteed since the source code of firmware, drivers, chip, etc. are not public. How do we know if the phone isn’t “calling” home (google server) every now and then with sensible user information? Maybe call back once every 3 months, or something.

I saw the research done by Mike Kuketz but he’s only reporting what happens within a day. And not during an extensive period.

As far as I’m aware no phone manufacturers share the source code of their platform, but considering Google’s business model, why is it still preferred platform of choice.
It looks like the custom ROMs are prioritizing security (Pixel devices getting more timely security patches than other phones) but introducing a serious privacy threat.

Relevant discussion How can Google Pixel be trusted with proprietary firmware?

2 Likes