
Obviously, given that the TLAs can just national-security-letter a CA (if that's even necessary). That doesn't change anything about my recommendation. You should still use HTTPS, always.

It still has an effect of making your traffic not stand out from anybody else's in a DPI. Also, the TLAs are not the only attacker, and HTTPS may not be transparent to them.

The key feature is that it requires a MitM. That is not easy or cheap, compared to simply catching everything with a simple passive beam-splitter. The idea is that it is easy to get bulk data with XKEYSCORE/PRISM, but requiring the use of QUANTUM, FOXACID, and other fancier tools is not something that cannot be [cheap, undetected, used against everybody] simultaneously.


