There are two basic ways for the NSA to snoop on you using this device.
1. Listen to the internet traffic
2. Install malware to listen to everything
For #1, the Echo only sends conversations preceded by it's keyword. But since the alternatives to the commands you're telling Echo involve the internet anyways, what's the difference? IOW, asking echo for the weather sends the same basic information to the NSA that pulling up the weather app on your phone does.
If the NSA is going to do #2, they're going to do it to the phone in your pocket rather then targeting a niche device like the Echo.
Modern smartphones are always listening for "siri" or "ok google", and are regularly sending keep-alive packets, so I doubt that the battery drain for spying would be significantly noticeable, if done properly.
> why do one or the other?
Because resources are limited, even at government agencies. Effort spent hacking a device that will probably sell in the tens of thousands when they could be targeting devices that sell in the hundreds of millions just seems silly.
I agree that hacking the Echo might be pointless because it won't sell many is reasonable but that's a somewhat different argument.
Still, personally if I had concerns about privacy and secrecy I'd be looking to limit the number of devices in my own home which had an always active microphone.
1. Listen to the internet traffic
2. Install malware to listen to everything
For #1, the Echo only sends conversations preceded by it's keyword. But since the alternatives to the commands you're telling Echo involve the internet anyways, what's the difference? IOW, asking echo for the weather sends the same basic information to the NSA that pulling up the weather app on your phone does.
If the NSA is going to do #2, they're going to do it to the phone in your pocket rather then targeting a niche device like the Echo.