PGP was not exactly banned but if you were in Europe when ITAR restricted its export, and you were trying to download from strait-laced corporate types like AOL, they wouldn't let you.
And even if a determined person could get around the blocks, they severely limited the network effects; office workers on their employers' PCs weren't going to be getting encryption software from IRC bots to bypass arms export laws.
Some time towards the late 90s PGP became much more easily available.
IMO that's less due to the ease of setup and more due to the lack of any sane key exchange system & general impossibility of encrypting all email content (e.g. subject line).
And even if a determined person could get around the blocks, they severely limited the network effects; office workers on their employers' PCs weren't going to be getting encryption software from IRC bots to bypass arms export laws.
Some time towards the late 90s PGP became much more easily available.