Good post. What seem most evident to me is that I’m aware of (and follow daily) what I consider basic, personal data security practices. Your writing about them highlights the fact that a majority of people don’t practice them in their online behavior.
I did want to clarify — aren’t the “gag orders” associated with government subpoenas for acquiring personal data usually FISA warrants? Who else would have that authority?!