[thematt]

Web crypto will never solve this, especially not when provided by a big company like Google/MSFT. They'll always have provisions to make the unencrypted version available to authorities. You can only trust client side encryption.

[mtgx]

Yes, that's what I meant. Implement web crypto and allow the user to use his own encryption key. So nobody but you and the recipient can access it (unless they can crack it, of course).