Only S/MIME, PGP or similarly encrypted mail messages are secure. All other mail is routed through various servers which may or may not use an encrypted connection. It's like trusting the post office to never read your mail (which they have the authority to do if they perceive some kind of safety threat). Encrypt the message contents if you care for message privacy.
If you want sender/receiver privacy too, you can try using Tor hidden services direct to the individual. I can't think of any other way off the top of my head to send SMTP mail and completely conceal the recipient(s).
What is secure? If government sezies your key, in some jurisdictions they can compel you to release your passphrase (if one is required), then they can go back and decrypt absolutely everything you ever sent. (OTR gets around this but this is largely by leaving the network layer location privacy / initial authentication / key exchange problems out of scope.)
Finally, traffic analysis is pretty powerful. Even if Eve can't read your messages, she can see who they went to and when (and maybe who they in turn communicated with afterwards) and thus easily determine probable relationships - Tor based endpoint, or not. (Hrrm ... but two Tor based endpoints, on the other hand...)
I don't think we were discounting the rule of law. We were going with the 'currently some western governments will force you to reveal your password' legal reality.
Tor attempts to work around traffic analysis by using fixed-length records, and being a bridge helps hide your traffic with other people's. But nothing's perfect.
"Secure" in this context means "not readable by anyone but the recipient". Of course, if you have the recipient in custody, this is the easiest method to decrypt the messages: http://xkcd.com/538/
(OTR-style cryptography is nice, but sucks for store-and-forward communication; for a comporably difficult message to decrypt more than once, use one-time pads - but don't complain to be about distributing the pad dictionary, that's totally out of scope here ;)
It's certainly an option, but you must use a client like Thunderbird to do it, loosing the ubiquity of the web interface. Maybe when window.crypto will be standardized and with a good browser extension we will have security and easy of use.
If you want sender/receiver privacy too, you can try using Tor hidden services direct to the individual. I can't think of any other way off the top of my head to send SMTP mail and completely conceal the recipient(s).