Hacker News

I can't believe traffic between data centers wasn't already encrypted.

Eh. If you own the whole fiber from place to place, you might be lulled into thinking the data never leaves your premises.

Yeah, there's always a dividing line.

Between two servers in the same rack? Between two racks in the same datacenter? Between two datacenters in the same physical complex? Between two complexes connected by fiber you installed yourself?

If the security state keeps on keeping on, I expect companies which care about privacy to keep tightening it in. One day not long from now it might be considered ludicrous to transfer data from one server to another server within the same datacenter unencrypted. One day not long after that we may perfect secure multi-party computation, and a server might perform meaningful computation upon an encrypted dataset without any ability to decrypt it.

The goalposts are moving.

If you own the entire datacenter (like I'm sure Google does in most scenarios) and you're having racks compromised, then you probably have much larger issues that crypto won't solve.

Datacenters aren't poofed into existence. The networking hardware could be compromised at the factory, which would compromise the datacenter's network security without compromising its physical security or any of the servers.

By that logic, the networking hardware on the NIC could be compromised as well, giving an attacker DMA capabilities on a server, too.

It's also computationally nontrivial to encrypt tens of gigabits in real-time. Quite do-able, but nontrivial enough to make it the sort of nice-to-have you'd back-burner if you were confident that you controlled the line.

Ah, but convincing folks to run SSL inside the corporate firewall leads me to believe that Google may have treated the fiber between datacenters as not actually leaving the property.

(Yes, it is a tough sell to get folks to run SSL inside.)

