Security is definitely not binary - you need to consider your threat model. What are the risks you’re taking, who do you need to trust?
Email can be secure enough in many cases. It depends on what you’re trying to do with it. If you’re using a modern provider, the risk isn’t so much people seeing your message in transit as it is the social engineering inside the message.
Roam already uses transport encryption, so only you and Roam can see the messages but either party can (deliberately or not) decide to disclose what they know. We trust Roam won’t do that without permission.
End to end changes things a bit, because in theory now Roam can’t see our data even if they did want to. But we still need to trust the software they send us that interacts with that data. And it brings problems too: now a password reset will wipe all your data, because Roam can’t see it any more. Or we switch to a hybrid model where actually the keys need to go through Roam but they promise never to use them.
Not end to end doesn’t mean not encrypted in transit and at rest, and that’s what GDocs and Dropbox do at least. Then you’ve got to trust their internal controls, access policies and audit abilities.
None of which touches on what’s probably the weakest security point: the device in which you’re accessing Roam. E2E might actually be a disadvantage here as you’ve got to have local access to the encryption keys, while a service provider like Google can do a fair amount to mitigate your device being stolen.