Because that person is the person reading security@golang.org, which advertises a PGP key for encrypting emails sent to them. This is the security channel for golang. They should be comfortable using PGP and if they're not then they either need to learn it or they're the wrong person for the job.

How comfortable they are with using PGP has no impact on which community members choose to use it.

There's more context in the article. The author was asked to resend their report without PGP, because using it was a hassle and usually not worth it.

So? I'm talking about whether or not it matters when they do.