The only way to enforce a ban would be make it illegal to run non-approved software on any device. Otherwise if you can side-load or install an executable then it could be an end-to-end encryption application or contain hidden somewhere in the interface the possibility of end-to-end encrypted communication.
The only "walled garden" where this is remotely achievable is on locked down Apple devices (iOS) - where even developers are required to acquire special certificates to test their own software.
Basically running or controlling software would be licensed under the sole auspices of the "authorities". In this dark world all developers would be vetted and regularly checked up on.
And all for what? So we can see the last "goodbye world" message sent by a deranged individual.