Reminds me of when Google security engineers...ahem...reacted...to the Snowden leak that the NSA was spying on internally decrypted traffic. [1]
It's insane to me that the US spied on an American company's internal traffic, got busted, and the only viable response was "well, I guess we have to make HTTPS mandatory in the protocol now".
Not that it was the wrong response. Just that it wasn't even on the table to say "hey, NSA, wtf..."
Unless you see the NSA as some sort of weird, legally protected black hat blue team.
I'm not defending this thought process, and I disagree with it, but I can at least understand.
You basically have two levels of recourse against the state for redress of grievances: elections and litigation. You absolutely can, and I believe every major corporation should have, sued the NSA and the larger federal government post-Snowden. I'm not a lawyer so I don't know the specifics of what that would have looked like but it seemed like a pretty egregious violation of a whole list of rights. But litigation, especially against an intelligence agency, seems a little quixotic in this context.
Elections don't seem like they'd have much impact against the NSA. They're not elected officials, and only the top leadership is appointed. Most of them are career bureaucrats (I don't necessarily mean that in a negative way) and scientists/mathematicians. You could replace a third of the Senate and the entire House every 24 months and you're not going to get sweeping changes throughout the NSA. From a national security, somewhat hawkish perspective, that might be a feature rather than a bug? But from a civil liberties/freedom perspective it's definitely a concern.
