I dislike the commenter’s attitude, but I do agree with parts of the message. I would prefer to treat any closed-source, internet-connected app as “collecting everything it can”, just because it has been the logic for a while. I would not trust my messaging or files to a centralized, closed platform - so why would I use something suspicious for health data this sensitive?