In order to have a reasonable, stable supply chain at all, you need quite large scale; and even then your phone would have much smaller scale than the mainstream competitors and so would be be significantly more expensive than their models with similar hardware, both because it's targeting a niche and also because all this tracking&targeting does result in some revenue stream for the manufacturers.
It indeed is a jolly good idea if somebody really checked for a living all those open source apps, however the math works out only if you allocate the salary of those people over a million phones, not if you have only 10000 customers.
Perhaps you would actually be willing to pay a large premium for that, but the vast majority people are not. Perhaps a meaningful number of people would be willing to pay a small premium like 10-20%? But that's not what's reasonably achievable, the differences are much larger as soon as you go off mass market production or start needing software modifications which are a large fixed cost that is cost-effective only if you're distributing it over very many phones.
There have been many companies in the past which have found out the hard way that few people really care about privacy that much (or they care but can't really afford much, which has the same effect), but for a recent example, you can look at the troubles of Librem 5; IMHO it's trying to do similar things, but its price/performance is suffering because of that and you be the judge whether their business model looks viable. And if you want a trustworthy supply chain, then your (already high) costs literally double, again, Librem 5 "USA" model is an example of that - a $2k phone where the core functionality (excluding the privacy) is essentially the same or worse as a $200 phone from a Chinese brand.
you sketch a good frame to help think about this challenge holistically. the list of failed initiatives is by now so large it almost gives you a statistical sample of factors to take into account (I contributed a data point once - one of the <10K firefox-os/zte users :-(
but somehow the numbers could/should add up at some point. If you think (ballpark) a billion devices in circulation and assume that 1-in-1000 people has a combination of awareness and ability to afford a private / open source device, that is your 1M right there.
this should be a very conservative estimate. it assumes that people (more precisely those who claim to represent their best interests) will continue with the inexcusable practice of governments "not interfering" with the "market" (in quotes because it not a real market when you have two options). While some governments slowly take legislative steps in the data privacy space, I have never seen any actual warning from official lips about privacy (the way they warn about assuming financial risk, being overweight, drunk driving, not getting vaccinated etc).
maybe the current business model only stands due to the "subsidy through silence"?
It indeed is a jolly good idea if somebody really checked for a living all those open source apps, however the math works out only if you allocate the salary of those people over a million phones, not if you have only 10000 customers.
Perhaps you would actually be willing to pay a large premium for that, but the vast majority people are not. Perhaps a meaningful number of people would be willing to pay a small premium like 10-20%? But that's not what's reasonably achievable, the differences are much larger as soon as you go off mass market production or start needing software modifications which are a large fixed cost that is cost-effective only if you're distributing it over very many phones.
There have been many companies in the past which have found out the hard way that few people really care about privacy that much (or they care but can't really afford much, which has the same effect), but for a recent example, you can look at the troubles of Librem 5; IMHO it's trying to do similar things, but its price/performance is suffering because of that and you be the judge whether their business model looks viable. And if you want a trustworthy supply chain, then your (already high) costs literally double, again, Librem 5 "USA" model is an example of that - a $2k phone where the core functionality (excluding the privacy) is essentially the same or worse as a $200 phone from a Chinese brand.