When does ‘responsible encryption’ equal surveillance?