This is the future; partially fuelled by malware, partially fuelled by the desire for platform control, and partially fuelled by government regulation.
This regulation of NSW, Australia considers rooted devices with extra non-Google/non-Apple approved security features such as a duress/wipe PIN (a standard feature of GrapheneOS[2]) as a "dedicated encrypted criminal communication device". How the device is being used doesn't matter. It's how it _could_ be used.
[1] https://classic.austlii.edu.au/au/legis/nsw/consol_act/ca190...
"(3) A dedicated encrypted criminal communication device does not include-- (a) a device if-- (i) the device has been designed, modified or equipped with software or security features, and (ii) a reasonable person would consider the software or security features have been applied for a primary purpose other than facilitating communication between persons involved in criminal activity to defeat law enforcement detection,"
It's not automatic: depending on what a reasonable person thinks and the definition of criminal activity.
Does the jurisdiction matter? For example, if an activist was using a device to do things in another country that would be legal in Australia but were crimes in the other country.