Some thoughts on this:
At present, there are Fifth Amendment protections against having to surrender your password. The specific case that brought this up in 2007 stemmed from a US citizen re-entering the US whose laptop was inspected on suspicion of it containing child pornography. This in turn resulted in a ruling in Vermont that surrendering the password may be a form of self-incrimination, and is thus protected under the Fifth Amendment. While I'd rather not get into debating the judge's opinion on this matter, see Google search "
In re: Boucher" for more info.
Related to that: there are definitely efforts underway to undermine this protection, largely because it would make law enforcement's job easier. They have not yet passed at a legislative level (to the best of my knowledge), but there has been some debate on the issue, largely centred around the contentious problem of child pornography. Pretty much everyone other than paedophiles is in agreement that it should be stopped, but the contention arises because of the legal issues - particularly surrounding personal digital rights - that it raises.
My personal opinion is that legislators are seeking a one-size-fits-all approach from an enforcement perspective whereby anti-child porn legislation can also be applied to other areas (specifically: terrorism) rather than engaging in surveillance and intelligence-gathering to accomplish the same end result. It's pretty clear where this would be highly-detrimental to individual rights.
With respect to what happened regarding the surrender of the password in the UK: my suspicion is that the Counterterrorism Act of 2008 (and others) would have legally-compelled him to do so when asked. That he did not resulted in jail time, to be certain, but should not be construed as an admission of wrongdoing as there is no evidence at this time to support such an assertion. Unfortunately, the Counterterrorism Act (along with other such legislation) makes the Patriot Act look tame by comparison in many ways given the differences in (effectively) Constitutional protections between the UK and US; he should count himself lucky that he wasn't given more time or an indefinite hold as a suspected terrorist.
Having a strong password is a good starting point - but that's about all that it is. If the data on or in transit to and from the machine is not itself encrypted, the password is pretty much moot as the data can be acquired, forensically-examined, and anything potentially-incriminating recovered in an immediately-readable format. If this is a concern of yours, I would recommend taking a look at
Truecrypt (free) or
PGP Whole Disk Encryption (commercial).
Ultimately, there's very little that resists rubber-hose cryptanalysis all the way through. If you really, Really,
REALLY don't want to divulge the contents of whatever the other guy has already intercepted or acquired, don't be found, don't let anything that may give them a leg-up on getting it into the clear be found, and be prepared to physically destroy and/or defend with your life the data as a last resort.
