[nine_k]

Any security measure either works for everyone, or for no one. There's no way to give good privacy to "good" people and easily compromise it for "bad" people, for any definition of "good" and "bad".

If "bad" people outnumber "good" people in your world view, then yes, it's entirely reasonable to deny everyone privacy.

What are the institutions that are hell-bent on listening to everyone's traffic? China government? OK, serve them non-sensitive content via plain HTTP; they'll filter or alter it to their liking. Possibly you're fine with this. NSA? Well, maybe something can and should be done to it that we can't do to the China government?

(Not to self: when planning a deployment, consider other options before turning to Varnish cache.)