I'm not opposed to a CEO pushing encryption and deciding for themselves their level of risk tolerance. However it's important to assume eventual failure under pressure and think that scenario through.

To take two extremes:

1. If the code is out there, the deed is done.

2. With a closed platform, you just trapped your users.