While a severe security breach in a Google datacentre is highly unlikely, the fact that the keys are stored with the same people that store the data means they are much more likely to be compromised simultaneously than if the keys were kept with the client and the encryption and decryption were done by the client.
For those concerned about NSA snooping, remember this is all bunk: it's only encrypted on the server, so they can still see what's being sent, and they have to hand over data in response to a court order.
"For those concerned about NSA snooping, remember this is all bunk: it's only encrypted on the server, so they can still see what's being sent, and they have to hand over data in response to a court order."
Ummm... Guess you haven't been keeping up with the news. NSA have been snooping without a court order for quite some time now.
This gives a false sense of security, because Google still has the keys. If you store your files on Google's servers, then they can access the files. Either law enforcement can force them to do it, or the server admins can steal your data, or just expose it through negligence. The best way to protect files is to use encryption, but it must be done locally, before files are uploaded - not on the cloud server.
There are many tools that will do this: TrueCrypt (www.truecrypt.org) will encrypt entire disk volumes. Syncdocs (www.syncdocs.com) will encrypt files stored on Google Drive.
With Syncdocs or TrueCrypt you own the keys. Your files are encrypted BEFORE they are sent to Google Drive.