I suspect the reason to not enable the firewall by default is to try and preserve the "it just works" experience. For simple rules and popular services, it can be easy to setup, but some use cases need a bit of setup that most people might not know how to solve.
For example, routing traffic from one interface to another, which GUFW doesn't even have an option for by default. Here's a recent example of that:
This results in frustration and people would ultimately just disable the firewall entirely anyway. The ideal solution, in my opinion, would be similar to simplewall, one of my favorite programs for Windows, that prompts the user whenever there's a new connection being made, and ask them if it should be allowed or not.
This discussion is very similar to how people would just grant all access to apps on Android, or even Flatpak packages without taking the time to understand what is necessary. This may seem lazy at first, but it's perfectly understandable when most people just want to get some work done.