> meanwhile, if my own government has access to this same data, i suffer direct consequences. my odds of getting arrested for nonviolent crime (e.g. political activism; buying drugs online) go way up when my govt surveils me
It seems like an error to assume these two forms of surveillance are mutually exclusive.
At any of
> the Starbucks you’re using for free wifi
> the ISP your endpoint is using for internet access
> the data centers in which Tiktok is serving you data
> the device on which you didn’t write the OS or any background programs written on it
Presumably anyone with the power and inclination to listen or influence the design of the above can intercept any non-encrypted or not-yet-encrypted data you’re exchanging (and if they’re a state actor, probably get access to whatever information they’d need to perform decryption) - including your government.
Almost all APIs are TLS-encrypted these days, leaking only the hostname to which the client is connecting (via SNI which is as yet unencrypted).
This is not to say you're not being surveilled (as to which apps you use, etc) but there is relatively little unencrypted traffic coming out of most devices in 2022.
It seems like an error to assume these two forms of surveillance are mutually exclusive.
At any of
> the Starbucks you’re using for free wifi
> the ISP your endpoint is using for internet access
> the data centers in which Tiktok is serving you data
> the device on which you didn’t write the OS or any background programs written on it
Presumably anyone with the power and inclination to listen or influence the design of the above can intercept any non-encrypted or not-yet-encrypted data you’re exchanging (and if they’re a state actor, probably get access to whatever information they’d need to perform decryption) - including your government.