The NSA, the original primary developer of SELinux, released the first version to the open source development community under the GNU GPL on December 22, 2000.[6] The software was merged into the mainline Linux kernel 2.6.0-test3, released on 8 August 2003. Other significant contributors include Red Hat, Network Associates, Secure Computing Corporation, Tresys Technology, and Trusted Computer Solutions.
It is much harder now that https is the standard. They still can work wig individual companies but that’s a much smaller scope.
If they’re in your OS they see the data before it’s encrypted
Exactly
They first need access. That’s not hard with proprietary focused operating systems but with a properly secured Linux or AOSP system it is much more tricky.