The only answer is the same one for CALEA, absolute mil-grade encryption on every single packet! Given that, it won't matter if they capture packets, they wont be readable. with new repressive legislation popping up around the world (see UK) you can be forced to give out all your keys.
However, as MHSC has found out the hard way, folks don't want to pay for it. Even when it is freeware, they wont go through the extra trouble to install it. The proof is the market penetration of PGP. as long as it stays as bloated as it has been made,
the US practice of law enforcement is similar: http://devrandom.net/~dilinger/ technology can't replace standing up for our rights. there is no way to really know whether it has a backdoor now. i asked phil zimmermann and he seems not interested in releasing a simple, easily analysable drag and drop app. GnuPG.org could be better here. you are right, it needs pioneering until the masses move. (nothing unusual about that, is there ?) http://securityfocus.com/focus/linux/articles/clear1.html
At one time, MHSC offered VPN software and an SSL-based web mail product, of course carnivore has no problem decrypting SSL.
kind regards philippe, http://A-Z-Internet.com