Isn't the difference based on time though? The device manufacturer can push a patch, but they would get access to the information after the patch, whereas access to the log gives you information from before the patch. Or have I misunderstood?
The device manufacturer has access to the device (at the hardware level even) the moment they start building it. They don't need to push a patch to gain access, they could access your logs at any point throughout the lifespan of the device.
I think we're talking about different things. If a manufacturer wants to eavesdrop on my device then they need to push a patch to my device. They can only get information about what happens after they push this patch. They can do it at the start of the life of the device, but they'd have to do it then.
However, if important data is retained in logs, then the manufacturer could grab the data from the logs. They can get information from a time before they decided to look into you.
It's like a wiretap vs access to a diary. A wiretap only gives you information after the tap has been installed, whereas getting your hands on someone's diary would give you access to previous information too.
