What if I told you that right now, regardless of your OS, BIOS/UEFI, or even if your computer is turned on, there is a piece of software that is constantly running in the background? This software can see everything on your screen, turn on and off your computer, see every key as you type, and can detect what you're clicking on. On top of this, it can also enable remote viewing of your screen from anywhere in the world. Did I mention you can not fully remove it as well? This software is called the Intel Management Engine, and despite what the name implies, this issue extends to AMD systems as well. While it wasn't enabled on all CPUs until 2008, it was put in to every CPU starting in 2006 with Intel's 965 chipset, meaning that from June 2006, no PC is safe from Intel being able to meddle with their system at will. But what if one very unexpected system from after this timeframe was able to slip through the cracks? In this case, I am talking about the original Apple MacBook (Model 1,1) from 2006.
Despite releasing in July 2006, one month after this management engine was implemented, the machine was actually in production since May. This means that while Apple's device did in-fact release after the management engine existed, it uses Intel's 945 chipset, rather than the 965 chipset from June. This on its own is absolutely tremendous, as it means everything you do on your system is your business, and your business only! However, we can go even deeper than that. Because there is no IME running on this system, we can completely remove the UEFI/BIOS software and install something custom if we want to, called Libreboot, to run something other than Apple's proprietary UEFI software. You may be thinking by this point something along the lines of "Oh great, I can have privacy on an extremely outdated OS that can not even load modern websites". You could not be any more wrong about this fact, as there are many simple and quick guides out there for upgrading the operating system on these 32-bit machines. I have run Windows 10 32-bit on mine in the past solely for experimenting purposes, before installing Debian Linux on mine to enhance the already private nature of the machine. I also recommend using MATE Desktop/XFCE Desktop environment if you choose to run Linux on this machine, paired with an SSD to make it a faster computing experience.
By now, I am sure there are some people starting to fuss, thinking "Hey!!! What about Thinkpads!!!". Well, the reason I put this MacBook higher than a Thinkpad is for one reason: pricing. Thanks to their solid reputation, older Thinkpads go for ridiculous amounts. Another popular machine to install Libreboot on is the Thinkpad X200. One quick eBay search shows me that the cheapest one is still around $200 used without upgrades, whereas searching for the 2006 MacBook shows a price of about 60 bucks. For less than the price of a PS5 game, you can be confident that the machine you are using respects your human right to privacy. I will however admit that if you can pay up, any pre-2008 Thinkpad will instantly become the winner in terms of performance. I still firmly believe that in a case where you do not have hundreds to spend, the MacBook plus a small 30-60gb SSD and 2GB RAM is the ideal choice for a private laptop.
The short answer is no. The long answer however, is "kind of". System76 has been manually stripping down the Intel Management Engine to the absolute minimum that it can go to without breaking the system stability. The catch here for users who aren't great with tech is that these laptops (and desktops) run Pop OS, System76's Linux Distribution. These laptops are great for gaming, assuming that the games support Linux, which Valve games (CS:GO, TF2, ect) do, as well as Minecraft. If somebody were to purchase one of these systems without the knowledge of how to use Linux or how to Replace it, I fear they would regret that choice. Though if you actually care about your privacy, chances are that you know what you're doing when it comes to tech.