That's depend your threat model, isn't it? All Android phones rely on black box baseband blobs from the hardware manufacturers. If there is an exploit hidden there, I believe they won't use it just for blanket data collection like this, but only use it for targeted attacks on high value targets (politicians, journalists, magacorp execs, etc). Hopefully they won't bother to use that kind of low level exploits on normal plebs like me. I'm not even sure if iPhones are safe enough when your threat model requires trusting the low level hardware. The only way to avoid it is by using a phone with fully trusted stacks like pine phone or librem 5.