…because VPNs obscure a user’s true location, and because intelligence agencies presume that communications of unknown origin are foreign, Americans may be inadvertently waiving the privacy protections they’re entitled to under the law…
…VPNs might protect you against garden-variety criminals, but the intentional commingling of origin/destination points by VPNs could turn purely domestic communications into “foreign” communications the NSA can legally intercept (and the FBI, somewhat less-legally can dip into at will)…
Certainly the NSA isn’t concerned about “incidental collection.” It’s never been too concerned about its consistent “incidental” collection of US persons’ communications and data in the past and this isn’t going to budge the needle, especially since it means the NSA would have to do more work to filter out domestic communications and the FBI would be less than thrilled with any efforts made to deny it access to communications it doesn’t have the legal right to obtain on its own.
Since the government won’t do this, it’s up to the general public, starting with everyone sharing the contents of this letter with others. VPNs can still offer considerable security benefits. But everyone needs to know that domestic surveillance is one of the possible side effects of utilizing this tech.
Oh nooo, we won’t be protected by the law they can’t be arsed to follow anyway? Whatever will I do when they surveil my encrypted VPN traffic?
Store now, decrypt later. Make sure your VPN is using quantum-safe encryption algorithms with perfect forward secrecy. They are storing ALL traffic that goes outside the country (probably domestic traffic too, realistically).
Don’t you think that would take too much storage space?
They can probably use heuristics to keep the 0.1% most interesting traffic (eg traffic that flows towards servers that isn’t too large, that’d catch everything you send to your bank without breaking the budget to store)