* Passphrase might be weak

* Google has it forever, and encryption tends to get outdated and weaker over time. In some years they might easily unencrypt it

* Someone can force you/trick you to unencrypt it. If they don't even have the DB, it's one extra step.

* Privacy and metadata leaks from using a google service