I'd say a normal phone is a lot worse than smartphones in general, unless you don't care about all your communications being readable by the carrier. With a smartphone you can make actually encrypted calls and texts over trustworthy applications/protocols (Signal, Matrix, Simplex, etc.), on a phone you're stuck with the carrier service; another thing that comes to mind is the storage, as far as I know there are no normal phones with an encrypted filesystem while it is default for a long while on Android.

On the other hand, if your new smartphone model isn't loaded with a privacy respecting ROM you'll also have at least some data sent to other third parties like Google and whatnot, but if you can change the ROM, then the potential for better privacy far outweighs the benefits of normal phones doing fewer things with your data by default. If you're going to use your new smartphone like an old phone, to make carrier calls and SMS, then there will be near to no improvements (except storage security maybe) and as you say, more data snooping

Probably your best option now is getting a pixel phone and flashing it with graphene os.

If you can't get a pixel phone you may want to use something like lineage os and make sure you don't add any Google services to it.

Yes, that is an overreaction. In my opinion, you should take your privacy precautions as far as you wish without significantly affecting your everyday life. Refusing to use your smartphone/not enjoying the experience because you are anxious about the data it is leaking suggests to me that you've gone too far down the rabbit hole and need to pull back a bit. There are measures you can take to increase the privacy of your smartphone, even if you can't install an alternative operating system on it and need to use default Android. No it won't be as private, but if the alternative is selling/returning this new gift then perhaps sacrificing some of your privacy is worth it (that's something for you to decide).

The reality is that most people around the world have absolutely zero concern for their privacy and security and get by in life without any issues at all. It's good to be informed and take precautions where necessary but it is statistically extremely unlikely that you will notice any negative change to your life because you choose to use a regular smartphone. Making choices about your privacy should come from a place of empowerment - you should feel good about them. If you are making choices because you are scared/paranoid, you probably need to take a step back from online communities such as this one. They can be useful sources of information but you can also get easily overwhelmed with information and/or try to change too much, too quickly and end up living and extremely paranoid and limited life. People who do this often then burn out and just give up entirely on their privacy, when a more moderate approach would have actually benefited them more long-term.

If you're really only making phone calls, the built in location tracking is probably the biggest issue? AFAIK, you can only use an off the shelf iPhone with an Apple account, and a similar Android phone with a Google account, so your location will be tied to and referenced with those.

Apple have branded themselves as guardians of their users' data, so many consider that a safe assurance. YMMV but it may be slightly better than Google's Dodgier approach. When in doubt, go to settings and turn everything off you don't use, location services foremost.

You may want to disable other apps that come with your phone as well. Basically anything you don't use. I don't know how much data can be harvested from background services of an app that doesn't have a user signed in, but at this point I'd err on the side of caution. Plus, as you say, your position can always be approximated by your mobile carrier through the cell towers you're connected to, but that goes for dumb phones as well.

Personally, I only use Android smartphones with custom ROMs like LineageOS without installing the Google apps or services framework because I Just Don't Use Google. Instead I install microG to spoof the GSF to apps that require it. That's a privacy compromise I can live with because I use my phone as an internet device as well. Needless to say I take privacy precautions on an app level as well.

If your concern is whether your cellphone carrier has the ability to see who you are calling and for how long, this is true whether you have a smartphone or a “regular” phone.

Your concern is well reasoned. A smartphone is a much larger risk surface compared to an application specific dumb phone. Running an entire operating system, increases the number of exploitive holes you could be running it anytime. You're almost guaranteed to be running at-risk software.

You can mitigate that risk, by using graphene as people have discussed. But if you truly don't care, get another dumb phone. It's hard to exploit the remotely, it's hard to install software remotely, Pegasus doesn't try target them. It's a smaller risk surface.

That being said, if you want some of the benefits of a smartphone. You can do so limiting your risk surface. Run stock Android, or graphene,. Make sure you're okay with the permissions you provide. And most importantly keep your software up to date. That's a reasonable level of paranoia versus utility trade-off

https://eylenburg.github.io/android_comparison.htm

My 2 cents: I have a similar relation with smartphones as yours.

In my case, what I fear the most is some app getting my contact list and using it to send some kind of "XXX has joined YYY service" notification to all of them. Also, I didn't like that Google had all the data they wanted, so I ended with 2 smartphones:

• One de-googled (LineageOS without Google Apps) that I use for calls and trusted apps. This one has my contacts list.
• One default Android-Google without simcard for those apps that require oficial-Android (mainly banks apps) and any app I'm afraid could mess with the contact list.

AFAIK I've only had one incident because I trusted Telegram too much. There is always non-zero risk, but this works for me.

Dumbphones do all that too.

get a cuatom rom that is privacy focussed,your concerns are valid, mostly. Though dumb phones aren't much better

I think its a bit of a overreaction, but you can always download Foss apps even if you can't download better private OSs, its not the best but its better then nothing

If you never enable any data services on your SIM (GSM only for calls) and never connect to WiFi. You're not leaking anymore data than an old fashioned phone.

However, the fact that you are asking these questions does suggest you are probably being unhealthily paranoid. (Reading these replies, it seems you are in good company on this forum.)

I'm going to assume you are not engaging in high level cyber activities that would require you to adopt this level or paranoia. If you were, you wouldn't be asking basic questions.

Instead, it sounds like you have developed an irrational fear of what tech companies can realistically do with your data and what level of harm they may wish to cause you.

Typically, they can log your search and browser data to determine if, for example, you like pizza. Then they may show you an advert for pizza or highlight the nearest Dominos on Google maps. But... they can only do that if you share that information with them in the first place by using your new smart phone (with none of the privacy settings enabled) to search for pizza and then using Google maps. Nobody is forcing you to do that. But is it really that bad even if you do?

Google are not going to clone you, or assassinate you or somehow work out you are not paying taxes or are engaging in illegal activity unless you use your phone to do it. And even then, they don't go round grassing people up to the government for the fun of it. They just want you to click on adverts and, once you are aware of how they operate, it's relatively easy to avoid them whilst still getting great value from a pretty incredible piece of modern technology.

Now, if you are genuinely worried about government targeting (I don't know what country you live in) an encrypted messaging App will be significantly more secure than an unencrypted old GSM phone that is quite easy to intercept and relies on the integrity of your MNO provider.

My advice, stop worrying. You already have a cautious mindset so you won't get tricked by these companies, but you could also be enjoying many of the benefits of being able to access all of humanities collective information from your pocket.

Yes you are batshit crazy