There is also OpenHAB, but I think Home Assistant is the more mature one of the two.

In principle the messages themselves could be E2E encrypted, but the closed-source WhatsApp client could transmit decryption keys to Meta HQ without anyone finding out. As long as the client or the client device is unsafe and not trusted, E2EE is not really effective. Which is why one should always demand a FOSS client for E2EE.

No, they are not. Sovereign countries are bound by the WTO (World Trade Organisation), not US export laws.