About two years after ex-NSA contractor Edward Snowden disclosed that the U.S. government had intercepted tens of thousands of domestic e-mail exchanges and instant-message conversations under the guise of counterterrorism, the government is frustrated that the technology industry won’t play ball and create a technical environment to allow it to enforce the law.

The New York Times reported on Monday that Apple, Microsoft, Google, and others are resisting building access points into their networks for the benefit of the government. In Apple’s (AAPL) case, it’s a door into the company’s encrypted iMessage communications system; in Microsoft’s (MSFT) case, it’s a portal into the computers in its data centers. The Justice Department, FBI, and Department of Homeland Security insist such points are necessary to enforce the law—say, to catch prominent drug dealers by spying on their conversations. The giants of the technology industry say that the Snowden incident shows how reckless the government can be when it has access and a reason.

MORE: How often tech companies share data with the government

It’s a thorny issue. Allowing such access opens the door, so to speak, for other government agencies around the world to tap into the technology companies’ networks, turning one of the greatest positives of the cloud-computing era—ubiquity—into a negative. It raises further questions about the categorization of certain companies in the eyes of regulators. (Telecommunications firms like Verizon (VZ) and AT&T (T), tech companies in their own right, ultimately allowed legal wiretap access points. But non-telecom companies aren’t covered by that law.) And the specter of serious security issues—after all, an access point is an access point, whether for good actors or bad—looms.

MORE: FBI director: Sony hackers ‘got sloppy’

There are shades of the gray to the issue, and different types of encryption technology allow for varying degrees of access. But the surge in popularity for end-to-end encryption—the type that Apple uses for iMessages—has government officials up in arms. “Apple has no way to decrypt iMessage and FaceTime data when it’s in transit between devices,” the company writes on its website. “So unlike other companies’ messaging services, Apple doesn’t scan your communications, and we wouldn’t be able to comply with a wiretap order even if we wanted to. While we do back up iMessage and SMS messages for your convenience using iCloud Backup, you can turn it off whenever you want. And we don’t store FaceTime calls on any servers.” Naturally, the Cupertino, Calif. company has used that stance as a competitive differentiator against its peers.

Expect an ongoing dance as the government tries to reclaim its rights in an always-on era and technology providers bristle at the government’s relatively unchecked powers of data collection.

Sign up for Data Sheet, Fortune’s daily newsletter about the business of technology.