That's actually a pretty compelling use case. Instead of the US Government being able to routinely compel Apple, Google, FB, Amazon, etc to to hand over data they just say "we don't have the keys". The fact that any of these entities could find a way to get the data if they wanted (yes, even Apple, even with E2E could have an insider attack where a rogue spy employee implanted some code in the OS to intercept data)

Allowing the service providers to say "we don't have it", makes widespread government attack less scalable, because instead of focusing on one entity, suddenly they've got to chase down thousands of individuals and compel them. And the individuals usually have a lot less to lose if they don't obey than a tech company with billions on the line.

> If you don't trust Google, even this doesn't help you. They run enough code in and near your VM, they could find a way to steal data out if it if they wanted.

Exactly, but so can Intel/AMD/Dell/HP/$HW_VENDOR. That's why we have libreboot and friends trying to disable ME and other firmware blobs.

You could airgap your hardware in a SCIF and shred it when you're done with it but as stuxnet and other attacks have shown if you want to do useful network computing you can't be totally secure.