After years of observing privacy OS for the phones, this is my conclusion on Phones’ operative systems:

· Android variants locked by a telephone carrier are absolutely the worse, both in privacy and security.

· The rest of OEM Android variants come next, absolutely bad on privacy, but also in security since most phones carry updates for very limited time.

· Newer Google phones (Pixels) at least have several years with security patches, in privacy still bad though.

· iPhones… Good with security (as Google’s) and in privacy… well, it depends; with 3rd party apps is quite good, but Apple has full control of everything and, since it is not opensource… Who knows what it does or does not. Now, there has not been cases brought to justice as evidence from what Apple claims is encrypted end-to-end so there is that. However, if I am an US intelligence agency I would also prefer to have a minimal access to iPhones reserved to critical cases and never reveal that to the public by using it as evidence in courts than revealing my access to iPhones and consequentially destroying the entire scheme permanently (and a trillion dollar industry!). In brief, iPhones are an acceptable device for the average consumer or those with minimal ‘phone hygiene’, but, for instance, certain high-stake journalists, politicians and organizers should however avoid them.

· Then we have these customized Android OS; The OP has included I great continuously updated site listing them. However, that list is too detailed for most since just a single app you install can place the entire privacy benefits of these OS pointless. There is no need to mention GrapheneOS is the one who, point by point, take privacy and security to the maximum level, while the others, in different degrees, try to bring some short of compromise with compatibility. With GrapheneOS’s recent compartmentalization of Google apps option, it has really dented competitors like LineageOS, /e/, etc… Now, I have to say, if I were a high-stake journalist, I would think twice using a Google Pixel device (the only one that work with GrapheneOS)… I trust GrapheneOS software, but what the Google chip could potentially do, no so much. I would trust more sending a secured message in a Sony device loaded with /e/ at the cost of not having updates (unless someone is being able to have physically access to it that is, if the device is in the hands of an adversary, I trust a Pixel 7 one thousand times than any Sony Xperia 5… I hope you understand what I mean. Any of these OS are** the best option for those that have an acceptable phone hygiene (choosing apps with some rigor and giving them access only for what it is needed)**.

· Finally there are the non Android based, mainly based on Linux. Linux Touch, PureOS, etc. but none has ever got beyong an experimental stage. I had really rooted for Sailfish OS since its very beginning, but unfortunately, most of them came much earlier when the market wasn’t demanding them, and now that the market demands for these, the effort and funds had been completely depleted on those types of initiatives. What puzzles my is how mid-sized phone companies never funded these privacy initiatives (looking at you Sony Ericsson , HMD’s Nokia, Alcatel…, they should have been able to have forecasting this trend since Snowden.)

To conclude, I just wanted to say, for the community, no so much for the individual, the importance of number of users in an OS/App and, paradoxically, the diversity in the market too. Market size for an opensourced OS is critical, because it increases the chances of being constantly audited… I am sorry, but the overwhelming majority of opensource OS and apps do no go through any audit at all (hopefully will put an AI scrutinize all these soon!) so they give a false sense of being non-malicious. But diversity is important too… Everyone relying on GrapheneOS alone, although considered trusted today, would be dangerous and would be bad from multiple fronts; Google may be compelled to lock bootloaders, governments may introduce backdoors for the chips since dealing with 1 manufacturer is easier to deal in secrecy with 6, GrapheneOS could relax its fight for privacy if there was no competition, etc… So, the mere existence of different OS CalixOS, SailfishOS, iodéOS, ect… Benefits all of us, even if not used by you.

And to answer the OP more directly, what do you give up by using a GrapheneOS (besides being forced to buy a Google device), well, no much since you have the option of installing Google services in a second profile or compartmentalized in your main profile. This, of course, would have your device communicating with Google’s servers, but the info it can collect would mostly restricted. MicroG is potentially more private than creating a Google account (even if an anonymous one), but some claim is less secure too so I leave it as equal.

In conclusion, if you can live without installing Google services or juts just need it so sporadically that you only need to install it in a secondary profile, and you tolerate a Google Pixel go with GrapheneOS option. If, however, you are not a fan at all of having a Pixel, or need to have Google services constantly running, I would consider instead iodéOS, /e/, etc.

I would shortly say LineageOS for customisation (root, microG) while being insecure and somehow private While GrapheneOS is private, secure out of the box that customisation is possible (rooting for example or Shizuku) it’s security burden and flaw and defeats the purpose of the OS.

iodeOS I haven’t used so Idk