FOSS and client-side encryption alone are not going to solve this problem. If governments can openly demand and enforce whatever they like, then users of these technologies can be threatened with draconian punishment and be prosecuted as terrorists and pedophiles.

There needs to be counter pressure from consumers, consumer groups, experts and corporations in order for client-side technologies to remain a viable option for people outside the Ecuadorian embassies of the world.

Corporations are not in the business of appeasing local governments. Corporations are in the business of pleasing consumers so that they make a profit. They appease local governments only to reach consumers and they can't do it in a way that causes consumers to distrust them as that would be self defeating.

Also, what is in the economic interest of a corporation is not self evident. It's the people at the top of these companies who make these judgements. I'm sure many of them value their privacy more than the average person and their judgement is going to be influenced by that. The same goes for shareholders.

It's always going to be a balancing act for global internet companies so let's make our weight felt!

You're describing a world where corporations represent you, the consumer. But you're not a constituent of the corporation, you're a resource. Corporations want to keep you happy in the same way that dairy farmers want to keep cows happy, so they'll keep on producing money or milk. The constituents are shareholders.

The ones representing your interests are the elected parts of the government. Which, I know, is laughable in the US. But still, corporations are not it.

Your comments on open source and consumer counter pressure describe something hopeful.

Not at all. I'm describing a world of partially shared mutual interest.

>Corporations want to keep you happy in the same way that dairy farmers want to keep cows happy

No. I have a voluntary business relationship with some corporations. Cows do not have a voluntary business relationship with farmers. Corporations cannot milk me against my will or slaughter me when I stop giving milk. All they can do is try to trade with me.

My relationship with the people of the country I am allowed to vote in is not voluntary. It's a result of the birth lottery. I don't even share many intersts with them as I don't live there and it's not a global superpower.

That said, it's not my intention to deny one fundamental fact: The extent of my influence on corporations as a consumer and as a shareholder depends exclusively on my wealth. My influence on elected politicians is much more complex and there is at least some chance of my being human to count for something regardless of wealth.

Fundamental rights to privacy cannot be based on wealth, but that doesn't mean we should ignore our shared interests with corporations where they exist.

a bit off-topic, but is there a country that is not laughable and the general public actually trust and believe the government have their needs in mind?

"respond to the people at large" is an awfully general characterisation.

What corporations typically do is respond to wishes of their customers and prospective customers, provided they can make money from doing so. If one corporation does not, a competitor probably will. So there are potential alliances to be formed between consumers and specific corporations regarding specific political issues.

Again, I'm not saying that the market or consumer power magically replaces democracy or that the interests of consumers and corporations are naturally aligned in general.

Maybe in the perfect magical world of highschool civics where consumers have total freedom to choose from amongst competitive products and corporations are perfectly open about privacy. The reality is much less idealized. Corporations lie to customers daily. Contracts bind customers to not adopt competitive products. And state-sanctioned monopolies in many counties (US/Canada/China) severely limit choice.

Any publicly traded corporation, by definition, is only interested in money. Sometimes appeasing customers helps that bottom line, but often it doesn't. Sometimes screwing over you customers is the way, especially when those customers have nowhere else to go.

Those who would violate our rights are fighting this war on multiple fronts. F/OSS is an effective tool for defending against government hackers for some attack vectors, but aren't a panacea. There are a number of firmware and hardware attack vectors that F/OSS can't defend against currently.

And at best, F/OSS only protects those who use it and use it correctly and end-to-end. Human rights don't just apply to people who think they need them. Facebook/GMail/Baidu users still have a right to privacy even though they've chosen to use services run by companies whose business models inherently involve violating their rights. Users who think they are anonymous on Reddit/Imgur still have a right to privacy even though they don't understand that they are being tracked through ads.

I know that this is somewhat of a losing war, but we've won battles here and there. Remember that if it weren't for the legal side of this fight, many of the technical solutions we which are widely available today would be classified as weapons and therefore unavailable to many people.

Of course you can enforce it. Create a law that tech giants must comply with FISMA/FEDRAMP, ISO 27001, DFARS 252.204-7012. I don't see why that's such a bad thing anyways. Compliance is a necessity because its just thorough hygiene.

Why DON't we have a written process to change our firewall rules, a written process to review our code, a written process to rotate our keys. These don't seem like a burden to me at all.