[thatcat]

I'm just saying not saving data is simpler than saving data and avoids the complication. The average user doesn't need 99% of the data that google saves about them and would have no reason to store it themselves. You can have phishing protection and the world class security team while also not saving the unnecessary data resulting in an even more secure model. Protonmail seems to be just as secure without requiring data collection, for example.

[extralego]

Right. If google were just black hats trying to help everyone with their data security, then OK. But, since they aren't, the mere fact that they have the personal data stored to begin with undermines it's security from the moment of storing it.

I had my car stolen last year. If I had found a note left that informed me it is in a secure place, I'm not sure I would have felt any better. And I'm not sure I would appreciate someone expecting me to.