The process of connecting to public wifi is risk. Most public wifi networks have a landing page that you have to click through before proceeding/granting you access. That page could have a malicious script.

Last year after a trip in Germany, my older iPhone had a random password saved in Safari settings. On top of that, every time I tried to delete the password, it would reappear when I went back (iCloud sync was off, etc.). I don't remember browsing anything out of the ordinary, but did connect to a bunch of public wifi spots. Here's to hoping it was just a really persistent ad-tracking method.

For the second one, I believe you can still ID what sites a user is likely using if you're in the middle, regardless of https, via eg reverse IP lookups- just not what they're sending to that site. A VPN covers that.

In many (most?) countries mobile data is cheaper than wired connections, but obviously with worse latency.

Slower too maybe, but we're long past the point it really matters, except for latency sensitive applications. 50+ Mbps is just plenty for most applications.

Only real need of wifi to save some battery power and maybe to get better latency and jitter for VoIP and interactive applications.

AFAIK, US and UK are still pretty bad. I guess they have to limit bandwidth and data volume to be able to, ahem, listen to their customer.