That is technically incorrect. As I understand it, the iPhones are generic (global), but the iCloud service is what the Chinese authorities have full snooping rights to.
Apple doesn't cut a custom firmware with special/additional golden keys or anything of that nature, as I understand it, for anyone.
The iPhone in this case is safe, assuming you don't use iCloud, in China.
But most people use iCloud, right? Apple forbids you from using competing full phone cloud backup services. The built in backup software continuously sends iCloud copies of most user data on the phone.
This is not correct. Apple's page explaining their iCloud encryption states that they use end-to-end encryption only for a few specific types of data, and only if you enable two factor authentication. iMessage in particular explicitly sends its encryption keys to iCloud (so that iCloud can unlock your messages if you lose your device, but of course this means iCloud can unlock your messages for any other reason without your knowledge). https://support.apple.com/en-us/HT202303
Apple doesn't cut a custom firmware with special/additional golden keys or anything of that nature, as I understand it, for anyone.
The iPhone in this case is safe, assuming you don't use iCloud, in China.