
Is that inevitably true?

I'm imagining a system (kind of like Tarsnap) that backs up my files all pgp encrypted with my public key, and which allows me to download those encrypted files (which I can then decrypt locally).

If the pgp encryption is done client side (by a native app, not in-browser), and the "backup service" only ever sees pgp encrypted files - is there some other hole I've not seen there?

(I guess there's metadata leakage with that scheme, the number and sizes of backed up files could be determined, even if the contents are secure)



> If the pgp encryption is done client side (by a native app, not in-browser), and the "backup service" only ever sees pgp encrypted files - is there some other hole I've not seen there?

Doesn't that mean the browser can't access the data? The browser can access an encrypted lump of stuff, but it doesn't encrypt it or decrypt it.


I guess that depends on what you mean by "access your data via a web browser". I'm imagining a Dropbox type system, where a native client uploads my files after pgp encrypting them, and there's a website where I could log in from any browser and download any/all of my encrypted files. It's not actually a very good idea; for the website to be of any use, there needs to be enough clear-text metadata (or at least decryptable by the web server metadata, which may as well be clear text), so that I can find the file I want. If that file is called "Metalica_Album.mp3.pgp", or if there's a directory called "Disney_BluRay_rips", the large encrypted lumps probably won't do me any good as a defense in court.
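
The metadata leak discussed in this thread, as an added example that is not part of any comment: it compares what the backup service can list when the client uploads clear-text names and exact sizes with what it can list when the native client uploads keyed opaque names and padded sizes and keeps the name index to itself. The function names, the 1 MiB padding bucket and the sample file list are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample: (path, size in bytes of the PGP-encrypted blob).
SAMPLE_FILES = [
    ("Disney_BluRay_rips/movie1.mkv.pgp", 4_812_339_201),
    ("Metalica_Album.mp3.pgp", 73_400_321),
    ("taxes/2013.pdf.pgp", 182_044),
]

BUCKET = 1 << 20  # assumed padding granularity: 1 MiB


def server_view_cleartext_names(files):
    """What the service stores when names and exact sizes are uploaded as-is."""
    return [{"name": path, "size": size} for path, size in files]


def opaque_name(name_key: bytes, path: str) -> str:
    """Keyed, deterministic object name; not reversible without name_key."""
    return hmac.new(name_key, path.encode("utf-8"), hashlib.sha256).hexdigest()


def padded_size(size: int, bucket: int = BUCKET) -> int:
    """Round up to the next bucket so only a coarse size is visible."""
    return -(-size // bucket) * bucket


def server_view_opaque(files, name_key: bytes):
    """Server-side listing plus the index the client must keep (and encrypt) itself."""
    listing, index = [], {}
    for path, size in files:
        obj = opaque_name(name_key, path)
        listing.append({"name": obj, "size": padded_size(size)})
        index[path] = obj  # stays on the client, or is uploaded only after encryption
    return listing, index


if __name__ == "__main__":
    key = os.urandom(32)  # held by the native client, never sent to the service
    for row in server_view_cleartext_names(SAMPLE_FILES):
        print("cleartext:", row)
    listing, index = server_view_opaque(SAMPLE_FILES, key)
    for row in listing:
        print("opaque:   ", row)
```

The number of objects and their approximate sizes are still visible in the second listing, and a browser session without the key and the index can only offer the opaque names, which is the usability cost the comment above points at.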



