That is totally not true. They can be forced to install an app on their device that creates the backdoors. Companies do that all the time. An OS doesn't need to have backdoors built into it for backdoors to be added to it. Kinda the point of an OS is that it is general purpose.