> but the admin can see everything, because otherwise management of the service would be impossible.

It depends on what service you’re offering. There are many cases where you can have end-to-end encryption so that you can know who your users are, host their data but cannot do anything with it.