> So, playing devil's advocate for the moment --- and taking the above facts into account --- what, precisely, would you do in their position?
That depends on the law. Is it legal in the US to store someone else's strongly encrypted data on one's server? Assuming it is, then they should encrypt by default and then if law enforcement forces them to give up data, give what they have.
That depends on the law. Is it legal in the US to store someone else's strongly encrypted data on one's server? Assuming it is, then they should encrypt by default and then if law enforcement forces them to give up data, give what they have.