Not looking for extensive arguments, just a quick and comprehensive overview of any shortcomings of the 3T when it comes down to privacy and blobs leaking data to external parties.
In short, the probability of anything doing it in the kernel directly is very small. Most all the standard privacy concerns about Google are about stuff happening in userspace with Google's build of Android which includes all their proprietary services and integrations. These are not present in AOSP builds like LineageOS and Ubuntu Touch.
The binary blobs for drivers don't come from Google either, but from the manufacturers of the hardware components. So it's unlikely they are going to be sending any data to Google. Writing code that runs in kernel space to find interesting things from userspace and transport them to some remote site, is also not worth the trouble to do in something like a driver that controls the vibration motor when you tap the on-screen keyboard for example. It's way too much work, and risk, for too little benefit. It's far easier to just trick you into downloading some app and running it as root.