Well, for one, Google says that they don’t sell user data. And they work with thousands of advertising agencies all over the world, so if it was a lie I’m sure it would have been been revealed in a front page NYT article by now. There are a ton of people who would be in a position to leak that the claim is a lie, and a lot of people very financially interested in learning it’s a lie.
For two, you can look up Google’s history of fighting back against court orders to access customer data. There wouldn’t be much point in that if this data was just “available to advertisers and government agencies”. Except maybe PR, which going back to point one.
For three, Snowden’s leaks revealed that the NSA installed fiber taps in Google datacenters to steal this data, precisely because Google wouldn’t give it to the NSA without a valid warrant. Google has since publicly claimed that they have encrypted all traffic on their internal network.
“Google sells your data!” is an old meme, but a tired one, and not one that stands up to inspection.
We may take as given that advertising agents cannot simply buy the history of your usage, outright.
Does that mean much? Google would not be so foolish as to hand over everything at once, when they could do something else that allows them to sell it, or the use of it, again and again. They doubtless have a hundred ways, each more clever than the last, to sell it again and again. Since they control the whole apparatus, they can make full use of all your history at all times without revealing to advertisers anything that would allow Google to be bypassed next time.
So, Google's pledge is simply that every use of your data will necessarily involve paying Google again. And, anything at all that can help Google uniquely identify you with activity anywhere online certainly is collected into your file, the use of to be dold for what the traffic will bear.
I don’t think this addresses any of the three points, unless you’re interpreting the OP’s “advertisers, gov agencies and corporations can freely purchase your search history from Google” in an entirely non-literal sense that has nothing to do with the literal meaning of the words.
> Your ISP has a different set of incentives.
Indeed, ISPs are known to wholesale sell their user’s traffic history.
I'm unclear how you have a threat model that isn't based on speculation. Unless they are having third party audits that I'm unaware of, I basically have Google's word right now that they are deleting my data. I agree that the evidence suggests that right now, Google does not sell your data, and that they have adequate security. That doesn't mean I trust them when they say they delete my data, or that my data will be safe forever.
I'm not even saying that Google is selling it, I'm just arguing that it makes practical sense to me to have that assumption from a privacy standpoint.