"Strong compliance" - to what? It strongly complies with the government's expectation of access to all of your data.
"best non-government infosec outfit" - but that outfit is not securing your information _from_ Google, the US government or Google's business parties; it secures it from other individuals and unaffiliated organizations.
I'd rather have my data in Google's hands, where I basically know who can access it and when (US government with a warrant or NSL, Google employee with a specific business need, no foreign governments, no hackers) than in the hands of some company that for all I know exposes their production DB to the public internet with default username and password enabled.
I guess there's always E2E encryption, but I'd like to be able to recover my emails if I lose my password.
"best non-government infosec outfit" - but that outfit is not securing your information _from_ Google, the US government or Google's business parties; it secures it from other individuals and unaffiliated organizations.