Sure, but the corollary to that is that security is complicated. Do you really expect the average user to have a more secure system than what they would otherwise have. In other words, is a Gmail account more or less secure than what you would have otherwise.
I think the answer depends, but it certainly isn't always "less". There's some information that you have to store somewhere, and is having a world class security team who works to actively mitigate things like phishing better than storing it yourself?
I'm just saying not saving data is simpler than saving data and avoids the complication. The average user doesn't need 99% of the data that google saves about them and would have no reason to store it themselves. You can have phishing protection and the world class security team while also not saving the unnecessary data resulting in an even more secure model. Protonmail seems to be just as secure without requiring data collection, for example.
Right. If google were just black hats trying to help everyone with their data security, then OK. But, since they aren't, the mere fact that they have the personal data stored to begin with undermines it's security from the moment of storing it.
I had my car stolen last year. If I had found a note left that informed me it is in a secure place, I'm not sure I would have felt any better. And I'm not sure I would appreciate someone expecting me to.
I think the answer depends, but it certainly isn't always "less". There's some information that you have to store somewhere, and is having a world class security team who works to actively mitigate things like phishing better than storing it yourself?