[kbit]

Are you referring to a specific recommendation? I'll gladly change or remove it if I included something with worse privacy or security unknowingly.

Overall though, Linus' law ("given enough eyeballs, all bugs are shallow") is a huge factor when it comes to privacy and security in my opinion. If an open source app is bad in one of those aspects, it will be noticed and fixed (or forked). Additionally, community driven projects like OSM simply don't have any reason or motivation to spy. They're a collaborative effort owned and developed by their users, not a company driven by capital and short-term profit.