Hacker News

hermanzegerman today at 3:17 PM

They could just ask before uploading your encryption key to the cloud. Instead they force people to use a Microsoft Account to set up their Windows and store the key without explicit consent.


Replies

cornholio today at 3:28 PM

That's a crypto architecture design choice; MS opted for the user-friendly key escrow option instead of the more secure strong local key - that requires a competent user setting a strong password and saving recovery codes, understanding the disastrous implication of a key loss, etc.

Given the abilities of the median MS client, the better choice is not obvious at all, while "protecting from a nation-state adversary" was definitely not one of the goals.

shevy-java today at 4:50 PM

It makes sense if you consider the possibility of a secret deal between the government and a giant corporation. The deal is that people's data is never secure.

It's a nightmare actually.

JasonADrury today at 3:49 PM

The alternative is just not having FDE on by default; it really isn't "require utterly clueless non-technical users to go through a complicated opt-in procedure for backups to avoid losing all their data when they forget their password".

And AFAICT, they do ask, even if the flow is clearly designed to get the user to back up their keys online.

p_ing today at 3:19 PM

Forcing implies there are zero ways to begin with a local-only account (or other non-Microsoft Account). That's simply not true.
