Here is a copypasta why you should not be a stupid fuck using a phone
Your every interaction with an android device is logged. When you tap, it spews log entries. File names and details are logged. Every time URL is passed to app or between app and helper such as downloader used by browsers, it gets logged. These logs are silently uploaded. Google gets what ever they want, app developers get logs from their own apps, manufacturers may take every log entry from every app on device (as Amazon did with Kindle Fire). You have no control over what is logged and who gets it. Some apps sell their collected data. Multiple parties have records of your activities on your device held permanently. Both your manufacturer and your carrier can silently push software onto your device. Law enforcement agencies have worked with carriers in past to push spy software onto targeted phones. If they do not wish to go through carriers, then there are routinely-discovered vulnerabilities in phone's software and mobile baseband firmware that allows phone to be silently accessed and controlled over radio. This can be done with Stingray devices such as those sold by NSO Group.
Changing SIM changes your IMSI but not your IMEI. IMEI is unique ID built into phone itself. Both are recorded by mobile masts. They are also logged by apps to uniquely identify your phone. So all you accomplish by changing SIM is linking multiple SIM's together as owned by same person because they are used with same IMEI (same device).
Location of your device is continuously logged and history is kept by mobile provider. This happens even if you disable location services in phone. Mobile providers routinely provide this info to LEA and in some countries, including the US, they even sell your location history. If you used your own Google account or any other account in your own name on a device, it is effectively registered to you now, because IMSI/IMEI is tied to your account as convenient unique ID. All of your logged activity is also associated with this ID. Unless your phone itself was purchased with cash, its IMEI is connected to you. IMSI/IMEI is connected to your location history. If mobile masts have you triangulated to your home, then any one who wants to look can see that it is you.
The Intercept wrote: In 2008, authorities used a StingRay and a KingFish to locate a suspect who was using an air card: an internet-connectivity device that plugs into a computer and allows the user to get online through a wireless cellular network. The suspect, Daniel Rigmaiden, was an identity thief who was operating from an apartment in San Jose, California. Rigmaiden had used a stolen credit card number and a fake name and address to register his internet account with Verizon. With Verizon’s help, the FBI was able to identify him. They determined the general neighborhood in San Jose where Rigmaiden was using the air card so they could position their stingray in the area and move it around until they found the apartment building from which his signal was coming. They then walked around the apartment complex with a hand-held KingFish or similar device to pinpoint the precise apartment Rigmaiden was using.
These devices leave your data all over them. They have caches of contents of RAM (including passwords) and images from your display. Even if you use wiping software, some caches are not accessible without root and flash wear-leveling means that no data can be wiped with any assurance. The built in encryption of android and apple devices has a backdoor which enables law enforcement agencies to access files.
Google “Assistant” records users' conversations even when it is not supposed to listen and Google workers listen to voice recordings.