Just like anything encryption has a cost. This cost is actually pretty low. Keeping the government loop and comply with regulations so that terrorist plots are detected early is simply part of this cost. There is an optimal use of encryption where it's marginal costs are equal to it's marginal benefits. We may fall short of this optimum if among other things there is imperfect Information about the costs and benefits. #1 The the benefits are hard to measure and unknown. #2 There are social concerns because of a lack of consensus about what constitutes The Greater Good and this undermines trust. People want their communications encrypted but not the communications of others. The costs of encryption are very low and the technical knowledge is common and equipment is ubiquitous. The problem is not primarily technical. The largest technical problem is related to benefit estimates. Other security holes may allow breaches. Encrypted channels must be decrypted at the end points. If the end points are spyware invested sieves then encryption is irrelevant. Encryption use is not promoted. It's better to have most channels open and encrypt only the necessary information. A start would be to create a collection of ROI and Cost/ Benefit analysis for enterprises over type, industry and size, and for various individuals and households over education level, income, and wealth. Create public policy briefs about encryption. There is a lot of communication people can't exploit and so people don't care about it. For example who cares if someone finds out I am reading web pages to try to prevent razor burn and read a web page on gentle ex-foliation. At least the office would know I am trying ! Who pays to disseminate the marginal cost and benefit information? You don't know when encrypted conversations would have been breached or the costs that would have been incurred from the breach. The costs of breaches are a large part of the benefits of security and must be estimated.

Our economy is near being cashless. Idenity theft is rampant. Information security is anything but obvious. Getting the some of the best minds to work on these issues which are increasingly central to the economy is truly critical. SELinux was first developed as a research project by the NSA . They are charged with securing our infrastructure and had better be giving everyone advise. I am left scratching my head. Giving Microsoft computer security advise seems well... necessary . Microsoft should create a panel of independent experts under NDA and have them review their Windows 7 code base for 'back doors'. Microsoft should involve some prominent civil rights activists as individuals ... not as representative of the organizations they work for to help select the computer professionals serving on the review panel. It is well known that cryptography is a restricted technology. This is a separate issue! It would be redundant and more of a drain on the private, and academic sector to have a separate body from the NSA offering this advise. On the other hand I believe we need a strong independent agency like the Fed or MITRE authorized and charged with government, financial, and corporate over-site that could be watching the watchers as well as analyzing trends and measuring the effectiveness of policy and administration then informing congress and the judicial branches.