Don't you think that it makes them obvious high-value targets? I mean, that's not even like this profusely pragmatic take has no precedent in the real world: the Snowden revelations showed that all major tech companies were in bed with the NSA to spy extrajudicially on everyone. It's a leap of optimism to think they would "fight legally for its own interest in protecting its customers".
Then, compare that to the low-scale/low-value/hobbyist/residential service providers. How high do you think the chances are for a malicious state-actor to "corrupt" many service operators without it widely being known and publicly dealt with? There's also a deniability dimension to this: XMPP uses OMEMO as a zero-knowledge encryption scheme: whatever the users are doing is none of the operator's business, and the choice of encryption scheme and implementation is purely a client-side affair, so now you are no longer dealing with "reluctant" operators, but potentially millions of end-users using strong encryption. And that is assuming the server is operating in the open, but nothing prevents service operators from offering it over tor (with very little impact on the end-user-side), further raising the bar for the malicious state actor.
Don't you think that it makes them obvious high-value targets? I mean, that's not even like this profusely pragmatic take has no precedent in the real world: the Snowden revelations showed that all major tech companies were in bed with the NSA to spy extrajudicially on everyone. It's a leap of optimism to think they would "fight legally for its own interest in protecting its customers".
Then, compare that to the low-scale/low-value/hobbyist/residential service providers. How high do you think the chances are for a malicious state-actor to "corrupt" many service operators without it widely being known and publicly dealt with? There's also a deniability dimension to this: XMPP uses OMEMO as a zero-knowledge encryption scheme: whatever the users are doing is none of the operator's business, and the choice of encryption scheme and implementation is purely a client-side affair, so now you are no longer dealing with "reluctant" operators, but potentially millions of end-users using strong encryption. And that is assuming the server is operating in the open, but nothing prevents service operators from offering it over tor (with very little impact on the end-user-side), further raising the bar for the malicious state actor.