As simply as possible, it (mostly) locks down system files and confines users to the user directory. This makes the operating system very stable and hard to break; it also creates a reproducible testing environment, which significantly helps developers with bug testing software. For the vast majority of users, this is a positive, though users that want to tinker with the system files a lot may run into a lot of blockers. Upgrades are likely to be very stable, and you will not have system file config drift issues that often break long-running traditional Linux distros and force the user to intervene.
Pretty ridiculous take. I can wire sniff everything coming out of my house, and Linux (I use Fedora Atomic) and GrapheneOS solve any sort of tracking issues. Then you just have only your ISP to worry about, and that can be solved with appropriate VPN, VPS, and/or Tor setups.
I think the issue comes when the state needs information and they will be willing to surgically implant things in you and force you through a series of tests to establish a baseline.
Maybe a field for number of servers currently?