inbound - 9:25 am on Oct 21, 2011 (gmt 0)
Hardly a fix as the website decoding the data could then pass the decoded referral data to 3rd parties
Controlling access to the decryption key through WMT would allow Google to enforce terms and conditions on webmasters wishing to use the QS. If there is foul play then Google could change the key and stop the flow of information (or stop sending any encrypted QS). There are issues with any "solution" but there has to be a limit to if's, but's and maybe's.
Incidentally, I can see where you are coming from - it's a matter of trust. If Google does not trust you then you lose some of the advantages thay can provide you. Although this should not happen carte blanche, as it negatively affects the public.