You realize you need to explicitly sign yourself into a Microsoft account using Windows 10 to have the recovery keys transmitted?
You simply can't see the similarities at all? Neither action is required and both lead to privacy endangering outcomes.
On the one hand, you can turn your computer off, pull the hard drive out, store it securely, etc., and the fact you had the recovery keys copied means nothing. Hell, you could even remove the Microsoft Account, force the recovery keys to be recreated and you'll be safe. On the other hand, your account passwords have been sitting on someone's server on the Internet for months, accessed by any number of unknown people/systems, backed up to multiple locations and yet the moment someone grabs them there is nothing you can do to stop them from accessing any said accounts unless you know beforehand.