It also ensures that sites that only work in IE continue to work. Google Frame simply lets someone visit sites that only work in IE and sites that need HTML5 without having to know which browser to use for which site.
Having the site control when GF is used is essential for this to work.
I understand the reasoning behind that, but ultimately it should be the user not the website that has control over whether Chrome Frame is activated or not. A user can always visit an IE-only website in FireFox, so it's not creating a new problem there.
Allowing the user control, rather than the website, means the user will get the benefit of Chrome Frame by default rather than as the exception and will stop a potential attacker from getting to choose their attack vector...
Having the site control when GF is used is essential for this to work.