Easy Solutions, but Won't Happen
The solution is simple: use OpenPGP to encrypt data on physical media and OpenSSL to encrypt data on electronic media. And never, ever disclose your OpenPGP private key to anybody, ever, not even law enforcement.
But, it's not going to happen as long as Microsoft are part of the equation. Outlook Express is a product that people aren't meant to use seriously; the idea is that they're supposed to realise it's shite and fork out for the real Outlook. (Never mind that that isn't what actually happens; what's important is what's *intended* to happen.) Microsoft aren't going to put OpenPGP support into Outlook Express, because it's meant to be deliberately crippled.