There's also the whole issue that entities (usually governments) have no unified and standardised way of encrypting mails yet, thus to not be open for data protection law lawsuits, they just use paper and mail, which is considered a safe transfer of documents.