So we may know, or remember from the past that you install certificates and run a proxy server and inspect what comes out of a browser. This is no longer true. If you have a modern phone, you can not run a proxy service for it to figure out what your phone is sharing with the world about you. It is impossible.

There was a paper from a university in Dublin two weeks ago, where they made valiant attempts to figure out what Android apps are actually sending to their mothership. And they had to root their phone, reverse engineer it, replace certificates, and they were able to partially figure out what the apps were doing. But they even found out that once they had stripped the TLS layer, that the data that was being snitched about users was often super-encrypted using obfuscated AES keys.

And these Dublin researchers were unable to figure out what the phone was actually sending to the mothership about you, the owner. This is being sold as zero trust and as better for everyone.