The problem isn't so much that governments are spying on their citizens so intrusively: It is that they are able to spy so intrusively.
Another thing: Anything the NSA can do the mafia can do also, albeit on a smaller scale. Regulating the NSA will do nothing to stop other actors, including some decidedly unpleasant ones.
This is a far bigger problem for technology than it is for government.
Why are we making technology with so many gaping vulnerabilities?
Surely there is something wrong with the way we develop software and hardware if it is so easy for us to ship vulnerable systems and so hard for us to secure the systems that we have already shipped.
This is a hard problem to solve, but until we put our man-pants on and face up to it, then we remain stuck.
Everything else solves only a tiny fraction of the problem, and mostly serves only as a distraction from the central issue: The technical challenge of making systems and software that we can trust.
We need to rethink how we design software / hardware systems.
We need to rethink what we mean when we talk about software engineering professionalism.
We need to rethink how we approach quality and liability issues.
All of these things go so much further than just 'being smart about security': They go to the very core of our profession and how we organize ourselves.
True, we need to contain bad actors, starting with the ones who are actually criminal and hostile, but that comes a distant second to the imperative need to get our own house in order.
The security services are literally the least of our worries, and (almost) the last thing we need to worry about.
We have much much much bigger problems.
Brookings Institute poses as a "centrist non-partisan think tank", but as we see here is really just a sock puppet for the military-industrial complex, among other evil plutocratic interests. Like lots of "centrist non-partisan" organizations.
There are multiple ways to arrive at a balanced compromise between:
* the Left's platform (use government to ensure everyone is fed, entertained, coddled and unoffended); and
* the Right's platform (use government to exert Christian theocracy, and to earn bribes by exerting the largest pocketbooks' wills, even if that means building an empire).
Two notable extremes of such compromise are:
* use government to do everything under the sun, from wealth redistribution to world conquest (cf Horseshoe Theory); and
* don't use government for anything for which it isn't absolutely necessary (cf libertarianism aka classical liberalism).
IMHO classical liberalism is better than nationalist-socialism, and it seems you agree; but both positions could be described as "centrism" since they lie between the Left and the Right.
I wonder about the practical effectiveness of it:
It only covers state and local government agencies (if I understand correctly). How much surveillance do they perform? Business performs far more AFAIK. Can they continue to hand over data to the federal government? What about federal contractors such as Palantir? What about state and local data sold on the market, such as drivers license and voting information (at least in many/most states; I don't know about Michigan).
The law makes an exception for a legal warrant exception, such as instances in which there's no expectation of privacy. 'No expectation of privacy' is, I understand, how every business gives data to the government and seems to allow government and business access to everything but a lead-sealed, windowless, Faraday cage in your house (but the smart power meters can identify a lot of your activity anyway).
Also, other factors make it seem symbolic:
> The Michigan law doesn't make cooperation with the NSA a crime or outline an enforcement mechanism.
> passing with a single "no" vote in the legislature
I don't think this is actually true. A single no vote just means that it wasn't unanimous (but almost so).
As for not defining a crime, much of law (e.g. the constitution) does not define crimes, but regulations of government which may be enforced by courts. E.g. the government must not station troops in your house in peacetime (Third Amendment) or the government must appoint you legal counsel in a trial (Sixth Amendment).
> The law makes an exception for a legal warrant exception
I also wonder about this, particularly as a lot of the NSA's activities do have "legal" warrants issued by the secretive FISA court.
> I don't think this is actually true. A single no vote just means that it wasn't unanimous (but almost so).
The implication I drew from it was that the bill was uncontroversial. If security agencies thought it was a threat then I'd expect much more of a fight, though that would not necessarily happen.
To get as close as possible to perfection isolation, also ground the cage to make it produce much less emissions and use some filtering device on any cords connecting it to power/communication grids (ungrounded Faraday cage only stops incoming communication, not outgoing one).
[Edit for context: the title of this post and the accompanying article have both been updated to "Michigan" instead of simply saying that a state had done so.]
I don't know that this law will have more than symbolic effect, but I'm glad to see it anyway.