I doubt Google will publish old private keys that were not designed to become public later. I would guess that it's too dangerous or cumbersome to do the security analysis.
What if someone realizes that Google uses a broken cryptographically secure pseudorandom number generator (CSPRNG) à la Debian ? Unlikely but the risks exists, so not going to happen in my opinion.
> What if someone realizes that Google uses a broken cryptographically secure pseudorandom number generator (CSPRNG) à la Debian ?
1. Someone with bad intentions figuring that out could start spamming other domains using gmail.com From Addresses.
2. Someone with good intentions would contact google security for a bug bounty or maybe just publish a zero-day report. Google would correct the issue and the world would be a slightly more secure place.
#2 would almost certainly happen, I suspect. And if #1 happened _before_ #2 then there'd be more spam in the world, temporarily.
What if someone realizes that Google uses a broken cryptographically secure pseudorandom number generator (CSPRNG) à la Debian ? Unlikely but the risks exists, so not going to happen in my opinion.