Wait, really? That’s shocking to me - I would have assumed the entire link was encrypted E2E. Are there technical limitations that make this infeasible?
as a network engineer for the most part
we consider it the responsibility of the end user to encrypt their traffic, we function mostly as the freeway of the internet. some exceptions are when we have links through enemy territory such as through a foreign territory we are traditionally adversarial with. There are exceptions such as Google's anger at their backbone being snooped.
Considering that AMD processors now have the streaming encryption capacity to encrypt data as it travels to and from the memory controller, I think we're at a point where performing high bandwidth symmetric encryption is not significantly more expensive than the existing encoding/transport costs.