In the same way that you'd afford extra scrutiny to a government agent making claims about what encryption methods to use, you should afford the same scrutiny to companies making security claims who are documented collaborators with the TLAs.
An ad hominem isn't always a fallacy, especially when the credibility of the speaker is legitimately in question. Saying they're automatically wrong would be fallacious (not to mention silly), but questioning credibility based on actual, documented behavior is not.
Citing the Google Chrome Security team regarding security is the exact opposite of the appeal to authority fallacy. It's an appropriate expert for the context.
In the same way that you'd afford extra scrutiny to a government agent making claims about what encryption methods to use, you should afford the same scrutiny to companies making security claims who are documented collaborators with the TLAs.
An ad hominem isn't always a fallacy, especially when the credibility of the speaker is legitimately in question. Saying they're automatically wrong would be fallacious (not to mention silly), but questioning credibility based on actual, documented behavior is not.