Comment by dijit

Your entire argument rests on conflating "trust" with "blind dependency on a third party subject to legal compulsion".

> Okay, then take sharing your PINs with your spouse.

Sharing with your spouse is consensual, temporary, and revocable. You know you've done it, you trust that specific person, and you can change it later. Uploading your keys to Microsoft is none of these things.

> But Microsoft issued your copy of Windows and Bitlocker and is the one responsible for your data getting encrypted.

Microsoft sold you software. They didn't verify your identity, they're not a regulated financial institution, and they have no duty of care beyond their terms of service. The fact that they encrypted your drive doesn't make them a trustworthy custodian of the keys any more than your locksmith is entitled to copies of your house keys.

> For normal people, Microsoft is not a threat actor here. Nor is the government.

"Normal people" includes journalists, lawyers, activists, abuse survivors, and anyone else Microsoft might be legally compelled to surveil. Your threat model is "thieves and stalkers". Mine includes the state. Both are valid, but only one of us is forcing our model on everyone by default.

> the world runs on trust. Trust is a feature.

Trust in the wrong entity is a vulnerability. You're arguing we should trust a corporation with a legal department larger than most countries' regulators, one that's repeatedly been breached and is subject to government data requests in every jurisdiction it operates.

Your doctors-breaking-GDPR example is particularly telling: you've observed that bad UX causes people to route around security, and concluded that security is the problem rather than the UX. The solution to "delegation is hard" isn't "give up and trust corporations". It's "build better delegation mechanisms". One is an engineering problem. The other is surrender dressed as pragmatism.