Storing that much data about users isn't harmless just because the company doesn't do anything bad with it.
Even if that company would forever be good, they could still have their servers infiltrated into or stolen, or some government could decide that they want the data over night.
* Computer could have been compromised
* Wifi/local network could have been compromised
* Your ISP could have been compromised
* Some of the peers on the internet between your ISP and google "
* The datacenter where Googles servers are
And that's before the data gets to Google.
I'd guess that the most common privacy theft is at the first 2 steps - local computer / wifi network.
Any one of those could happen, someone could be logging all your searches + all internet traffic in some of those cases.
Personally though, "What I've searched for" is in the 'meh don't care if anyone knows this' bucket for me.
When we're talking about that much data, the risk isn't just personal any more. It's not that they'll embarrass you with your search words from 10 years ago or let burglars know when you're shopping for plane tickets for Honolulu.
It's about what that amount of data about a whole country 's population could be used for.
Right, but knowing the risk associated with things is important... For example I don't care much about terrorism, I care about making sure my kids look both ways when crossing the road.
Similarly, I care more about individual users PCs getting compromised than Google getting hacked.
Even if that company would forever be good, they could still have their servers infiltrated into or stolen, or some government could decide that they want the data over night.