Actually, it's conceivable to allow secure storage of data remotely, in a way that prevents even the storage provider from accessing it.
You can't trust storage providers today to implement that kind of functionality, unless you analyze the source code of the scripts on the service's webpage every time it loads.
However the browsers could add functionality to enforce that. They could offer "protected" input forms, input from which is tagged. Every protected input form would be visually indicated and made it apparent what encryption key it's supposed to use. The browser then ensures that any data in DOM nodes and JS objects tagged as protected cannot be sent to the server.
To remove the protection tag from such data the scripts on the page need to pipe it through a builtin encryption function with the indicated key. The protection tag needs to be viral so that any data derived from protected data is also protected and any JS objects created after a branch based on protected data are also protected.
On the decryption side, a builtin decrypt function would produce data tagged as protected.
In short, make browsers ensure that input from indicated form elements is
* always encrypted before being sent to the server
* encrypted with the desired key
Naturally that doesn't fix the stupid user problem, but it'd make smart users happy.