Client-side encryption solves everything until they make it illegal, which is a very big and very clear step that they have not made. And if you're not encrypting it yourself, you shouldn't consider it encrypted, period.