It means improved settings to keep third party applications from looking at your shit.

May or may not apply to Google applications/services. I can revoke a lot of permissions to them already, btw.

This is a non-issue. If you are sending out data that isn't encrypted, then anyone could intercept it, not just the modem. You know how wifi networks and the Internet infrastructure work?

Sorry what? You can go in your Android device App settings and you can disable the Play store and Google Play Services (the Google stuff runtime) entirely. You can't remove it as the base application is stored in the read-only system partition, but any update is deleted and the application is shut down and becomes unavailable.

Same is true for most other system apps on decent phones.

It's more often the other way around: The firmware (in the modem, DSP or whatever) grants memory access to the main cpu when it wants to boot.

Yes exactly. So all applications you use need to encrypt/decrypt data they send and receive. This is how it should be indeed. But when you make a standard phone call is voice data encrypted? I admit I have no clue about that

On my Google Pixel 2 XL phone with updated Android 9 - "Google Play services" cannot be disabled. "Disable" and "Force stop" buttons are grey - cannot be pressed. Another issue is that there is plenty of other Google services - there is a lot of it, perhaps some of them are needed, other are completely unknown, for sure many of them have "telemetry" and "call home" functions that cannot be disabled.

Adding that owner of the phone do not have administrative rights (i.e. without rooting) - it means that the real owner and administrator of phone is Google. Google kindly giving rights to use their Android system, but they could always "remove access" if they want. It is better visible in iOS or Windows - user need to have company permission to use system (so called "activation" before first use).

No. Normal calls are not encrypted.

Although they are run through their own channels and equipment, and it's all digital so it's not as easy (and cheap) as intercepting raw TCP/IP traffic, or a child's play as intercepting analogic landline phone (i.e. the old wired phones)

Somewhat unexpected for a Google device, y'know.
For applications you can't disable, you can still revoke permissions. I have Memory, then Data Usage and then Permissions

Not really. Afaik only services that run independently from the Google Play Services main application thing are the calendar and backup sync, which won't work at all if you did not provide a google account.

It's more complex. Android does not have a concept of "administrator" with full power over everything. Each thing has a permission list, even Google services aren't running as root. "root" is a basically a dirty hack, a developer mode that bypasses all permissions.

Of course the OEM does provide software updates and could decide to "remove access" whenever they want with a specific update, but even normal Linux distros could do that.

Really, the OS is not your own property just like Linux is not your own property either (GPL does not transfer ownership), you are just providing a proof that you are entitled to use it. Does not make them the owner of your system.

With most distros you need to accept some kind of license, the fact that you don't need to pay does not make it any less "permission to use". Unless you agree to the license the installer won't start.

Does that make the distro maintainers the owners of your system? no it does not.

OK so you can't guarantee privacy

Is it how NSA spies calls?

Voice as starshipeleven wrote.

Don't you feel the irony? You talked too much it seems. Admitting not knowing something is so much better than looking stupid