Consistently block delegates or shared mailbox members from accessing protected messages in Outlook

while i somewhat do understand this change for shared mailboxes (most likely users with access to shared mailboxes are allowed to read all mail, not only encrypted - admitting there might be cases as described for automated mail from a customer portal, but again, I do not see them as often out in the wild), i completly do not understand the user part.

Wouldn't it be more effective and more likely that a delegate can not read encrypted mail by default? The whole sense of encryption to me is that only the recipient can read those mails (compare with S/MIME encryption) and the sender on purpose sends those mails encrypted to prevent the mail to be read by someone else. Therefore a general block would make more sense in my mind and then the 'set-mailboxirmaccess -identity <mailbox> -delegate (-user) <delegate> -AccessLevel Allow' for those who really need to read the encrypted mail as delegate.