That’s a rational and cautious assumption but there should also be regulations that render it less necessary placed upon companies large enough to shoulder the burden.

The bodies that are in a position to effect such regulations are also the bodies that are interested in looking at your (yes, your) private communication. No, formally being a liberal democracy helps little, see PATRIOT Act, Chat Control, etc.

The only secure position for a company (provided that the company is not interested in reading your communication) is the position of a blind carrier that cannot decrypt what you say; e.g. Mullvad VPN demonstrated that it works. I don't think that an LLM hosting company can use such an approach, so...