Re: 3 questions
Oh I see, you meant to be compliant with the law! Of course I considered the legal landscape - I was looking at ignoring it completely and rendering it ineffectual. I guess it comes down to whether you prefer compliance and legality or security and maybe being imprisoned.
I mean, of course you can't have properly secure comms and comply with all the various laws, the laws are specifically designed to prevent real security. You only have to look at the UK where many standard TLS ciphersuites could be interpreted as being illegal because you can't provide the government with a decryption key afterwards.
I don't think it would be that hard to secure a person's audio comms using decent tech and a reasonable frontend. I don't think it would be that hard to do it in such a way as your comms are unbreakable, even to you (after the fact), but that doesn't mean you wouldn't get put in prison for using whatever I designed.
Usability, flexibility, whatever else are really no more difficult to overcome than the tech issues, IMHO. But you absolutely have to start with the absolute knowledge that you *cannot* have real comms security without the user taking some extra steps - for instance meeting, in person, the folks that they want to talk securely to and using something like NFC to perform a 'bump' certificate exchange/cosigning.
I'm not saying these guys are doing that or are even any good, mind, I haven't looked into it.