TL;DW
LINDDUN card deck PDF for reference: https://downloads.linddun.org/linddun-go/default/v240118/go.pdf
TL;DR: Out of iPhone, Pixel, Android, AOSP forks, and GrapheneOS, the answer is GrapheneOS by a country mile.
GrapheneOS sometimes sacrifices privacy for security.
I had way more privacy related features and controls on a rooted LineageOS phone (which was obviously much less secure)
Such as? Been thinking of flashing GrapheneOS since I got a Pixel on the way.
Grapheneos has some unique features that simply no other mobile OS has. It is insane solid for security, but that does not make it lose anything in terms of privacy.
Starting with the fact that it comes with only the bare minimum of apps necessary for a functional mobile device (anything else you have to find, choose and install yourself).
Without digging too deep into the technical details of the software itself, the first "shit, I love this” factor for me begins with the storage scope and contacts scope. This is one thing I’m not willing to live without anymore. Pretty much every app, proprietary or otherwise, will ask for access to storage. With scopes you can provide access to a folder of your choice,even create a folder for each app if you want, effectively blocking every other app from potentially snooping into other apps storage.
The same holds true for contacts. Signal (Molly in my case) asks for access to contacts, but I have no need for that, as everyone I talk with over Signal is already there. But if someone new comes around, I give Molly access to that one contact and add them to Molly. My jmp.chat runs on Cheogram, and I only use it for my US and Canada contacts, so I don’t have to provide Cheogram access to anyone outside North America. Same thing with my VOIP service for work and so on.
The level of granularity achieved on permissions is just epic. I even tried to use stock pixel 4 days ago, kept it for 3 days, and had to roll back to Graphene last night because I couldn’t stand the constant nagging on the phone (and I disabled everything Google in it except the Play Store, for which I did disable everything but network).
I have no respect for Micay and his band of narcissistic developers with a god complex, but that doesn’t remove the fact that GrapheneOS is light years ahead of any mobile OS out there in terms of user control for privacy.