It seems very American to me to trust a private actor such as CouldFlare more than your own government.
I feel like at least in Europe, a large majority of people would trust their government and local ISP much more than some company halfway over the world with basically no accountancy in your own country, especially an American one since it means your data is basically at the mercy of the US government.
The ISP I run is applying [1] such blocks on our DNS recursors (blocking illegal online gambling domains, as per legal requirements [2]).
I still trust my DNS servers (or those of most ISPs, for that matter) more than I trust Cloudflare. I'd rather have intelligence services go through the effort of infiltrating every single ISP separately to get any useful dragnet intelligence, instead of just one large entity that can illegally collect all traffic from all users of a web browser.
And I very much hope they aren't contemplating rolling this out in Europe.
Having worked for a major European telco, I get the impression that the amount of regulation they face around data protection and privacy is tremendous and my experience has been that this stuff is by no means taken lightly either.
It would never in a million years occur to me to route my traffic in such a way as to circumvent the legal protections it enjoys as long as it stays within a European ISP's network and instead encrypt it and send it off to a nearly unregulated entity in a foreign country.
Mozilla has a strong Trusted Recursive Resolver (TRR) policy in place that forbids CloudFlare or any other DoH partner from collecting personal identifying information. To mitigate this risk, our partners are contractually bound to adhere to this policy.
I feel like at least in Europe, a large majority of people would trust their government and local ISP much more than some company halfway over the world with basically no accountancy in your own country, especially an American one since it means your data is basically at the mercy of the US government.