
I can't help wondering if this is what prompted Google to adopt perfect forward secrecy in November 2011, and for Facebook to say last month it would follow suit, which I wrote about here: http://news.cnet.com/8301-13578_3-57591179-38/data-meet-spie...

Note I have no direct knowledge that this is the motivation, but it strikes me that PFS is a solution to a specific threat model of an eavesdropper having passive access to the network. I'd be eager to hear more from people who are more familiar with the issue than I am.



At the very least, if some judge in [rural county where Google has a datacenter] issues a subpoena for the keys necessary to decrypt a packet capture obtained by the Sheriff's Office in the course of investigating a local crime:

A: They can credibly argue that they don't have that information, and it won't trigger an avalanche of copycat subpoenas.

B: The crypto key being sought by the subpoena is not one that would enable decryption of all Google, but rather one specific to the connection.


It's true that there are more Title III intercept orders targeting Internet providers and companies that come from states vs. the Feds. Note these stats do not include Foreign Intelligence Surveillance Act eavesdropping.

But because Google can be compelled to divulge the plaintext of, say, email messages or G+ posts if subject to a lawful court order, there's no need to perform a more difficult and expensive Title III wiretap. Real-time services like Hangouts are an exception, but it's still easier to serve a Title III order on Google than try to install a box on a rural ISP in Georgia and try to intercept and decode the stream.

Re: your point B, PFS would protect against passive attacks even if the master SSL key is known to Eve, and a subpoena would be insufficient legal process to obtain an ephemeral session key.


Yes it does seem a rather useful, if passive-aggressive, solution to the alternative of fighting the requests in court, secretly.
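
The technical point raised in the thread, that a long-term key disclosed after the fact unlocks a recorded session under RSA key transport but not under an ephemeral exchange, shown as an added example that is not part of any comment above. It uses textbook RSA and a toy Diffie-Hellman group with constructed parameters; every name in it is an illustrative assumption.

```python
import hashlib
import secrets

# Constructed toy parameters (Mersenne primes); far too small for real use.
P, Q = 2**89 - 1, 2**107 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # server's long-term private exponent
DH_P, DH_G = 2**127 - 1, 3          # toy Diffie-Hellman group


def kdf(secret: int) -> bytes:
    """Derive a session key from a shared secret."""
    return hashlib.sha256(str(secret).encode()).digest()


def digest_int(value: int) -> int:
    """Hash a value to an integer below N so it can be signed."""
    return int.from_bytes(hashlib.sha256(str(value).encode()).digest(), "big") % N


def rsa_key_transport():
    """No forward secrecy: the premaster secret is encrypted to the long-term key."""
    premaster = secrets.randbelow(N - 2) + 2
    transcript = {"encrypted_premaster": pow(premaster, E, N)}
    return transcript, kdf(premaster)


def ephemeral_dh():
    """Forward secrecy: the long-term key only signs the server's ephemeral share."""
    a = secrets.randbelow(DH_P - 3) + 2   # client ephemeral secret, discarded after use
    b = secrets.randbelow(DH_P - 3) + 2   # server ephemeral secret, discarded after use
    A, B = pow(DH_G, a, DH_P), pow(DH_G, b, DH_P)
    transcript = {"client_share": A, "server_share": B,
                  "signature": pow(digest_int(B), D, N)}
    return transcript, kdf(pow(A, b, DH_P))


def keys_derivable_with_long_term_key(transcript: dict, d: int) -> set:
    """Session keys obtained by applying a later-disclosed key to each recorded field."""
    # The DH shared secret never crosses the wire, so there is nothing for d to decrypt.
    return {kdf(pow(value, d, N)) for value in transcript.values()}


if __name__ == "__main__":
    for name, handshake in (("RSA key transport", rsa_key_transport),
                            ("ephemeral DH", ephemeral_dh)):
        recorded, session_key = handshake()
        exposed = session_key in keys_derivable_with_long_term_key(recorded, D)
        print(f"{name}: recorded session exposed by disclosed key = {exposed}")
```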



