Choosing a foreign government to spy on you rather than your own government isn't a clear choice. While a foreign government is less likely to be interested in you personally and likely less able to directly cause you harm, you also have less recourse against them than against your own government and their interests are less likely to be aligned with yours.

Additionally, your government may be able to co-opt the compromised devices anyway and would certainly have an incentive to do so.

I'd also question that a device that is by-design-compromised is otherwise secure from bad actors. It is difficult to imagine the incentive structure that would make that possible.

Finally, once this personal data has been harvested by either government, there is nothing to stop these governments or rogue elements within these governments from trading or sharing that data with your own government or other actors.

American businesses are forced to share our private data witn three letter agencies. Conversely, I can't imagine any leverage, money or lawful, that would cause a Chinese citizen living in China, with families in China, to be so stupid as to collaborate with the US government in any way, unless they wish for their families to be sent to labor camps.

My data is safer with the Chinese. I don't like it, but that's where we stand with our privacy.

At this point, I’d trust a (likely) disinterested state actor over one that has been proven to be actively malicious.

Best policy I abide by is to prevent any data from exiting my network or remote control period. I don't care who is spying.