Because that means I need to manage the encryption key (which is a file, not a password). It makes it harder to do restores because I need to dig out the key.

I don't have anything I care about in the Home Assistant install to need encryption; if you have access to that you are already in the network, same as the actual running device.

It is unfortunate if you want to deduplicate and encrypt in the target backup.