TLA backdoors.
That's actually a good point. Who is liable if an attacker successfully intrudes via a backdoor that you are legally required to leave open, and you are legally forbidden from admitting exists. Someone has probably pointed this out, and it's currently gone for consultation behind closed doors.