I think it would help if we consider US companies potentially equally bad. For example, a US bank has the potential to make a lot of money from our personal data, and should be treated with suspicion just like any foreign company in that position.