Also consider that the bad guys (insert: terrorism, Russia etc) probably had some functional understanding of what the spying capabilities were, and those doing the spying probably knew they knew. So what's left is the public being the only party who didn't know, was least prepared and least deserved it. It leaves you wondering.
Now here we are, and I think that while it's nice that we're trying to fight these invasive practices in courts and through policy, security by design is what's needed most. The invasive practices were either completely unlawful or stretched the definition of what is lawful anyway, so the policy side of things should focus on protecting the legality of encryption, not making it illegal to spy.
Everyone needs to understand that everyone is spying on everyone, and every time a system is implemented to protect someone from spying, the spy will test the topology of that system and find a new way in. So begins a Cold War in the protection of privacy - unending, but honest at least.
Now here we are, and I think that while it's nice that we're trying to fight these invasive practices in courts and through policy, security by design is what's needed most. The invasive practices were either completely unlawful or stretched the definition of what is lawful anyway, so the policy side of things should focus on protecting the legality of encryption, not making it illegal to spy.
Everyone needs to understand that everyone is spying on everyone, and every time a system is implemented to protect someone from spying, the spy will test the topology of that system and find a new way in. So begins a Cold War in the protection of privacy - unending, but honest at least.