rcme is right though, DANE and MTA-STS are still opportunistic, the sending party must support DANE/MTA-STS to use it. And even still, with both DANE and MTA-STS, you are merely "asking nicely" to use TLS, the sender may still ignore it and use plain text delivery anyway.
The reality is that email is not, and never will be a secure communication channel.
Disclaimer: I have a career in consulting on email hardening.
Feels disingenuous to blame email because a sever is configured to allow any sender to transmit plaintext data. If you're transmitting data you should protect with encryption, and don't use encryption, that's not emails fault. The same could be said about http. If you allow users to submit passwords in cleartext, you're the problem, not HTTP
That is kind of the point of this whole conversation. The products mentioned are sending information over a protocol which does not protect it, which is much like if their password form was HTTP. I don't see anyone blaming email, I see people blaming onedrive and (potentially) openAI.
The reality is that email is not, and never will be a secure communication channel.
Disclaimer: I have a career in consulting on email hardening.