In the first case, there is nothing preventing the development of software to overwrite data before unlink(2) is called.
In the second case, you can choose to trust or distrust the cloud storage provider. Trust being backed by contractual obligations and the right to sue if those obligations are not met. Of course, most EULAs for consumer products are toothless is this respect. On the other hand, that doesn't prevent companies from offering contracts which have some teeth (which they may do for business clients).
> there is nothing preventing the development of software to overwrite data before unlink(2) is called.
It’s not that simple: this command already exists, it’s called `shred`, and as the manual[1] notes:
The shred command relies on a crucial assumption: that the file system and hardware overwrite data in place. Although this is common and is the traditional way to do things, many modern file system designs do not satisfy this assumption.
[1] https://www.gnu.org/software/coreutils/manual/html_node/shre...