In the post-Snowden era the idea that government agencies are spying on us is no longer the real of Movies/TV or conspiracy theorists. It is fairly well documented that this is happening every day. The question has moved from what if this happens, to what we are going to do to change it. Well one of the biggest hurdles has been trying to find people in power that even want this to change. When you consider the fact that the people with the power to stop the mass spying are likely to be the ones that voted to put it in place. This has meant that the average person must try to prove their case in the courts.
One of the truths in security is that while an attacker can stay hidden they can continue to operate. In short, if you do not know about something, there is nothing you can do. Now you would think that this fact would encourage firms to talk about breaches and hacks more openly, but this is still not the case. One of the things I have seen over the years is that every company operates as an island. They do not share threat information (they might share your private data, but not threat information). This has created an environment where threat actors can continue to maintain attacks even after discovery at a different location. It is also why we tend to see the same threat vectors used over and over again.