UserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36

Steps to reproduce the problem:
1. Go to facebook.com
2. Click the lock icon and read the reassuring text that all my information, indeed all my passwords and my credit card information would be totally private when sent to them.
3. Repeat this process with any scammer website where Chrome still tells me that my information is private.

What is the expected behavior?
As a regular user, when I say to somebody "your information is private when you send it to me", I mean that it's private after it arrived.
A man in the middle attack is not something that a user would ever worry about or think is even possible.

Suggested info text:
"This website is using encryption for data transfer which means that the information you send here will be private between you and the website during transport. Make sure to trust the website with your data before and after sending it."

What went wrong?
Chrome is telling users that data sent to e.g. Facebook is private. As we all know that didn't turn out to be the case for many. But it's much worse when these assurances are given while unsuspecting people are on scammer websites with valid ssl certificates, and we all know it's easier than ever to get an ssl certificate now.

Did this work before? N/A 

Chrome version: 71.0.3578.98  Channel: stable
OS Version: 10.0
Flash Version: