Steganography is certainly a valid strategy(and endless source of amusing and creative ways of stuffing data inside other data while keeping everything conformant and normal looking; but I’d be somewhat pessimistic about its utility here(except, ironically, for certain actual-malefactor uses cases).
The trouble is that, unlike cryptography, where you can make fairly strong claims about its effectiveness(‘barring the existence of a prime factorization mechanism that runs in such-and-such time, you aren’t getting anything useful’), steganography is always security by obscurity. It might well be effective; depending on your technique and the adversary’s competence; but there is little you can do to be more or less confident in it. Worse, under a hypothetical legal framework attempting to crack down on cryptography, steganography development would be something you’d likely have to do alone/with trusted conspirators(since public development would expose your methods to The Man), while steganographic attacks could be freely developed, and likely would be, either by the adversary or for sale to them.
It would certainly work some of the time, quite possibly much of the time; but, unless the penalties for using non-backdoored crypto were so laughable that the steganography would be irrelevant, you would only need to get unlucky once in order to have the proverbial ton of bricks descend.
