I don't need to tell you about the global surveillance disclosures of 2013 to the present—it's no exaggeration to call them the biggest secret intelligence leak in history, a monumental gaffe (from the perspective of the espionage-industrial complex) and a security officer's worst nightmare.
But it occurs to me that it's worth pointing out that the NSA set themselves up for it by preventing the early internet specifications from including transport layer encryption.
At every step in the development of the public internet the NSA systematically lobbied for weaker security, to enhance their own information-gathering capabilities. The trouble is, the success of the internet protocols created a networking monoculture that the NSA themselves came to rely on for their internal infrastructure. The same security holes that the NSA relied on to gain access to your (or Osama bin Laden's) email allowed gangsters to steal passwords and login credentials and credit card numbers. And ultimately these same baked-in security holes allowed Edward Snowden—who, let us remember, is merely one guy: a talented system administrator and programmer, but no Clark Kent—to rampage through their internal information systems.
The moral of the story is clear: be very cautious about poisoning the banquet you serve your guests, lest you end up accidentally ingesting it yourself. And there's an unpalatable (to spooks) corollary: we the public aren't going to get a crime-free secure internet unless we re-engineer it to be NSA-proof. And because of the current idiotic fad for outsourcing key competences from the public to the private sector, the security-industrial contractors who benefit from the 80% of the NSA's budget that is outsourced are good for $60-80Bn a year. That means we can expect a firehose of lobbying slush funds to be directed against attempts to make the internet NSA-proof.
Worse. Even though the pursuit of this obsession with surveillance in the name of security is rendering our critical infrastructure insecure by design, making massive denial of service attacks and infrastructure attacks possible, any such attacks will be interpreted as a rationale to double-down on the very surveillance-friendly policies that make them possible. It's a self-reinforcing failure mode, and the more it fails the worse it will get. Sort of like the war on drugs, if the war on drugs had the capability to overflow and reprogram your next car's autopilot and drive you into a bridge support, or to fry your insulin pump, or empty your bank account, or cause grid blackouts and air traffic control outages. Because that's what the internet of things means: the secret police have installed locks in everything and the criminals are now selling each other skeleton keys.
The only way out of this I can see is to abolish the secret police and build out a new secure internet before the inevitable processes of institutional change generate a new rationale for spying on us. Unfortunately I see no way (at present) to pursue this agenda.