Encryption can be done in a matter where the private keys are stored in the user's end, making it far harder for the likes of the NSA to break the encryption.
One example of this is Jitsi's implementation of Off The Recording chatting. When using an XMPP server through Jitsi, the NSA may be able to read the cipher text sent but not the plaintext because the keys are stored on the chat participants computers. Not even the chat server owners know the chat plaintext.
Doesn't Perfect Forward Secrecy protect against that? I am not sure if Google have implemented it but according to the Wikipedia entry:
This means that the compromise of one message cannot lead to the compromise of others, and also that there is not a single secret value which can lead to the compromise of multiple messages.
One example of this is Jitsi's implementation of Off The Recording chatting. When using an XMPP server through Jitsi, the NSA may be able to read the cipher text sent but not the plaintext because the keys are stored on the chat participants computers. Not even the chat server owners know the chat plaintext.