Although some of your points are valid, I think you missed one of the most important issues regarding the entire story: Google were frank about their mess-up.
Not initially - they originally said:
"Networks also send information to other computers that are using the network, called payload data, but Google does not collect or store payload data."
This was wrong and was in response to claims that Google was collecting payload data. The thought this could be in error is ridiculous. First they'd have to accidently collect the data, and then they'd have to accidently not notice even when they went to look for it.
They only (finally) admitted they were collecting payload data when the German government asked for the collected data to audit exactly what was being collected.
Here Google had many options:
1) They could have found about the error and deleted all information the moment the Germans started inquiring - nobody would have known anything. If asked - do like the politician, deny
That would have been fatal - the German government was either on a fishing expedition or already knew what was being collected. For Google to have deliberately deleted data in response to a Government request would have been insane - going to prison, massive fines and "they're evil" type of insanity.
2) They could have issued a short statement claiming that they independently found an error and fixed it, without disclosing too much details.
That would have been untenable - they just happen to find out after they had threatened with an audit.
3) They could have issued a long statement admitting that they started the investigation after the German inquiry, etc
So they did the only vague credible course of action left open to them
We keep asking companies to be honest about their practices and mistakes, but when they do admit wrongdoing, we bash them on /. and then promise not to use their services.
The problem is that few believe they are being honest - acccidently collecting hundreds of gigs of data and not noticing either after you've processed your (our) data or after you've said you've checked and there is defintely no data there.
I'll leave with a final thought - Google claimed that they have never used the data in any product. Given that they claim they didn't even know they had the data until recently how can they possibly make the categorical and emphatic claim that they had never used it in any product. I'd have believed a statement that they didn't believed they had used the data, but were currently auditing to make sure or something. But another straight denial? It makes them look like a six year old caught with their hand in the cookie jar - every answer given to cast themselves in the best possible light with only a vague connection with the truth.