I've worked in highly regulated environments - and you can't reach out the EFF or ACLU without being sued into oblivion after signing the typical contracts. Get a lawyer is your only option - and only on their advice should you contact anyone else.
As for specific examples - what about SCADA, SWIFT (finance), Biologics (genomic pharma), or anything that actually could impact someone's life or an entire community? RS-485 double drops vs PoE for a factory is one example. External auditing of back office / risk management / fixed income software is another. Simulated modeling of genomic drugs and FDA phase II trials is another. And then there's Barnaby Jack vs Medtronic... lots of great examples out there better than tor/encryption.
Very true! I excluded SCADA and most biologics because they are not necessarily intrinsically harmful in the way I wanted to discuss. There are people far more qualified than I am -- yourself probably included -- who can discuss how to safely build those kinds of systems.
I wanted to touch on a slightly different problem; deciding to build something which is fundamentally impossible to do safely, rather than something which is very difficult to do safely.
As for specific examples - what about SCADA, SWIFT (finance), Biologics (genomic pharma), or anything that actually could impact someone's life or an entire community? RS-485 double drops vs PoE for a factory is one example. External auditing of back office / risk management / fixed income software is another. Simulated modeling of genomic drugs and FDA phase II trials is another. And then there's Barnaby Jack vs Medtronic... lots of great examples out there better than tor/encryption.