I mean, lots of security improvements that make promises that they can keep. I'm not saying they have to do my pet idea; I'd have zero complaints if they announced they were pushing 2FA to more people, or a dozen other things.

But "your message will self-destruct in a week" is a flawed promise because a bad actor can snap a photo of your email, apply a zany photo filter, get it printed on 11x13" photo paper, buy a colorful frame for it, and hang it on the wall of their home for visitors to artistically enjoy for years. It's not meaningfully gone unless all copies of it are gone, and this feature won't ensure that.

"Request expiration," like I alluded to in my earlier message, makes a promise that's closer to reality. A feature like that that's honored by default will help when both sides want messages gone, without overpromising. Importantly, it doesn't involve trying to take away the recipient's power over data they possess, or fiddling with the open email ecosystem too much. Trying to take away users' control over their data is a tendency that has more bad potential outcomes than good, and so is breaking the remaining openness of email.

(There're also some potential practical issues. It's more of a pain to keep documentation you were harassed over this kind of email, for instance, though since the feature is badly broken it's still possible. It breaks recipients' very-long-standing expectations about how things work, too. Folks mentioned all that when Facebook talked about support for unsending messages recently.)

The less-bad possibility is that Google just said, "well, folks enjoy Snapchat and such" and sort of didn't go that deep into the weeds. The bad-bad case is what mtgx said, that they're conscious of the bugs but consider them features.

Nobody wants self-deleting emails. If you don't want someone to keep what you send them, possibly forever, don't send it to them.