For those who were wondering what the overhead was of FDE on a modern Linux kernel and modern processors with AES-NI built in Michael did some benchmarks on LUNKs fairly regularly, here is one from last year on a laptop running POP OS. https://www.phoronix.com/review/hp-devone-encrypt

Yeah that is the problem of the IT crowd, they should know what they do. I'm not complaining about this case.
Unless that someone has a few months vacation or lies in a hospital, comes back and ... nada
You are confusing what is and what should be. Just ask random people on the street if they have a backup of their important data. Most will just glare at you with empty eyes.

Remember we are talking about encryption as standard setting. People will be using encryption without having checked what it implies to loose a password or even understanding what encryption is. I won't have to support them so I don't care, just saying this will not go well ...

True but these people will only use their iPhone and not a PC - much less one running Linux.

Not so sure, I know many Linux and Win users not doing any backups. Most people I know that do backups regulary had a HDD crash in the past. Just me telling them what could potentially happen has never convinced anyone to do backups. And to be fair a large part of them never experienced data loss and probably never will. It's like wearing a helmet.

Please remember that the most common scenario is TPM-backed encryption which will work 99% of the time with no issues and that password would be a fallback for the 1%.

Is there an incredibly contrived scenario where someone loses data to a sane-defaults FDE solution? Sure. But it does not come close to outweighing the benefits for the overwhelmingly common usecases. Most people are using laptops, most people can benefit from some moderate degree of assurance that laptop theft does not lead to identity theft or OS tampering.

It is also not difficult for the OOBE/first boot process to pop up a screen that says "Print this page and put with your important documents", containing a recovery key. Again: A completely solved problem, given that Bitlocker has been doing this as a default for literally years with a far bigger deployment footprint.

The correct solution to this problem is not to disable encryption, but to override the LUKS default and enable discarding through it. It's also not relevant to the solution Fedora prefers to implement, because Btrfs encryption does not rely on LUKS.

I agree. I don't see much use for this on a desktop if you don't have much concern about it getting stolen. On a laptop, I think this is a must.

Yes we will see how they implement it in the future, I'm allready using allow-discards,no-read-workqueue,no-write-workqueue with luks, but it's not in the standard settings and atleast discard shouldn't be (leaking usage area). Although not a problem with FS based encryption.

Btrfs works with TPM? Didn't know that, not too keen with that FS. Might be a good solution in that case.

It should. The usage leak is not something most users care about at all. Also, fs level encryption has the exact same leak, but everybody already learned not to care there.