I think we need to think at a higher level:
Why do we use Docker?
In Gladys 3, I remind you that we ran Gladys directly on the machine, without Docker, so Gladys had access to the entire machine.
In Gladys 4, we use Docker to facilitate packaging, deployment, and updating of Gladys instances. Given that we are in embedded systems, we need to access devices (USB, GPIO, Camera Pi via the camera bus, for example), it makes perfect sense to give Gladys full access to the machine, as it would be the case if we were just running the program directly on the Raspberry Pi.
We are not at all in the Docker usage of a cloud provider that would want to isolate the execution of untrusted code, limit access to the physical machine, and limit the resources used by a third-party user.
Here, the user runs on their own machine, alone, an embedded program that makes intensive use of external devices and hardware. On the contrary: we want to take advantage of the super capabilities of the Raspberry Pi, and have the same functionalities as if we were running Gladys directly on the host like most programs do.
After that, as @VonOx said, it’s optional, and if you use Gladys in a context where you don’t need any hardware, you can remove the --privileged. The gain in « security » is quite minor or even non-existent in this specific use case of Docker. (Do not generalize, I’m talking about this case here)