You're very much correct. I think the implementation would differ from the concept, though I think the mental framework around either re-implementing a save button (for conscious consent to share data) or un-auto-saving (for understanding how much is auto-saved) is useful―particularly because most people (particularly making policy) understand the visual icon, get what it does, and can easily model what its removal might mean for an auto-save by default world. I think it makes easier the conversation about, for instance, metadata, when you can talk about the timestamp of a file being akin to server call logs, etc.
But you're very much correct about the slippery slope here. I think my general thought was toward a branded campaign, but the implementation would be much more than that, and require some tightrope walking that you've identified.
I'm hoping to be able to be in some additional conversations with the cybersecurity professionals, because to me the greatest lack so far in this challenge has been a specificity of the goal or call (though I get that we're starting out broadly and narrowing from there).