For example online services today use data in transit encryption against man-in-the-middle adversaries, and data at rest encryption against snapshot adversaries, but without protecting the metadata created when the data is searched or accessed. Even data in use encryption would not protect the metadata. The data is also exposed to persistent adversaries when you don't control the encryption key.
I'm working on a cloud database that uses searchable encryption, the first of it's kind and it's a monumental challenge. Encryption is the easy part, hiding the metadata is what's hard, the way encrypted data is accessed and searched paints a picture about the data. And the server can't be trusted, so the client or trusted third party must never share the encryption key with it, it also have to be able to verify the authenticity, soundness, completeness and freshness of the data.
In other words, don't expect much privacy. Privacy is very hard, and it's not a lucrative business to get into it. From companies to governments everyone wants to feed your data to their statistical machines to predict you. Don't try to hide, you will stick out like a sore thumb, try to blend in, use fake data, make it look real.
To your point about privacy not being lucrative, interesting.
Signal on the other hand, it's not perfect and their protocol can't handle larger groups, but they worked hard on it and it shows.
That being said Messaging Layer Security (MLS) is going to be the next big thing for secure messaging, and it's sponsored by companies like Google, Facebook and Twitter, so it's not black and white when it comes to privacy. Apple and Google for example uses differential privacy in iOS and Chrome. We can probably thank GDPR for it, and Facebook for screwing the pooch so spectacularly.
If you are an "activist" vs a "person that just doesn't want their email scanned for ads" there are very different vendor pools.
