Your successes are secret, your failures are known. That's your industry's catch phrase.
Here's a list of things I can think of:
1. If you're the CIA/NSA, stop spying on American citizens.
2. See #1
3. Stop NSLs. If you want data, get a valid warrant visible to the public. Allow companies to inform their users/customers that their entire platform is vulnerable.
4. Subject yourself to non-govt over view.
5. Stop hoarding 0-days, and actively work with vendors to fix vulns.
Don't know how to fix it, but until you're no longer in the news for screwing up, this is where we are. Your internal documents show that all of that data slurping has not led to significant positive results. Why spend the money on it then? Why erode the trust that you want? You don't want to tip off the advesary, but your own citizen's rights are much more valuable than what little information you are getting.
6. Whenever coming up with a new spying/data collection scheme, ask yourself "in the light of public outcry in the past, how would this new thing be perceived?" Be honest about it, and not hand wavy "the public will be okay as long as we catch bad guys".
Here's a list of things I can think of:
1. If you're the CIA/NSA, stop spying on American citizens.
2. See #1
3. Stop NSLs. If you want data, get a valid warrant visible to the public. Allow companies to inform their users/customers that their entire platform is vulnerable.
4. Subject yourself to non-govt over view.
5. Stop hoarding 0-days, and actively work with vendors to fix vulns.
Don't know how to fix it, but until you're no longer in the news for screwing up, this is where we are. Your internal documents show that all of that data slurping has not led to significant positive results. Why spend the money on it then? Why erode the trust that you want? You don't want to tip off the advesary, but your own citizen's rights are much more valuable than what little information you are getting.