Of course you can. This is the argument used by governments in the UK and other countries, e.g. for key disclosure law (it’s illegal to possess encrypted data which you are unable to decrypt upon demand).

Even 5 - 10 years ago, basic disk encryption was seen as pretty sophisticated, in a “what’s at risk if you’re willing to do that?” kind of way. Now it’s standard. You can say similar things for 50 char randomized passwords encrypted on the client, TPMs, TLS by default, etc. etc.

The ratios are likely to change over time as more people realize that their privacy is important.

But that's an "in the future" argument. now you get put on watchlists - because the ratios for early adopters are different.