The recent revelation of a historic hacking attack on U.S. businesses and government targets has put America’s national security apparatus in a conundrum. On one hand, the scale of the likely Russian sponsored attack is an excellent cudgel with which to press Congress for more power and money to fund secretive — and constitutionally problematic — national security programs. On the other, it proves that privacy hawks have been rightfully concerned about the state of America’s data security.

Earlier this month, reports surfaced that a major IT security company, SolarWinds, was hacked and its software corrupted to include a “back door” easily exploited by other hackers. This corrupt software was then unknowingly pushed by way of an “update” to an estimated 18,000 customers – including numerous Fortune 500 companies and several government agencies – which left the back door wide open to hackers for months prior to being discovered. Experts suggest we may never know the full scale of this attack, or the degree to which it imperils America’s national security. 

That the hack involved a malicious back door is an irony not lost on privacy hawks, who have for years warned against federal agencies (especially the ultra-secret National Security Agency) having the power to force private software providers, smart phone manufacturers, and social media giants to build back doors that allow for surreptitious government access to users of their products and to their companies’ databases. The resulting compromised security has been as regrettable as it was predictable. 

In 2015, for example, the Chinese government is suspected of hacking into the NSA itself, via an encryption back door the agency demanded of a major cybersecurity company. Even earlier than that, the NSA was involved in developing one of the most effective hacks of Microsoft systems, only to have this tool stolen by hackers and released to the public, where it is now accessible by criminals, foreign governments, and all manner of non-state actors.

It…