It's unusual that Microsoft is silently
uploading recovery keys to its own servers, but it isn't actually worse than the previous status quo.
There's no way to enable device encryption without
uploading a recovery key somewhere — not even a hidden power user option.
It also
uploads your recovery key to Microsoft's servers, allowing you to regain access to you encrypted drives even if you forget their passwords.
Not exact matches
When you sign in with a Microsoft account, the encryption is activated and a
recovery key is
uploaded to Microsoft's servers.
(If you sign in on a domain, the
recovery key is
uploaded to Active Directory Domain Services, so your business or school has it instead of Microsoft.)
Your
recovery key would then be
uploaded to your organization's domain servers.
You can instead have Windows generate a new
recovery key that will never be
uploaded to Microsoft's servers.