While I agree with you, most of the design of the control software on these devices doesn't even assume that a home network would have more than 1 broadcast domain or subnet. This leads to apps not being able to connect from wireless if the IoT thing is on another subnet/etc.
It causes some issues from time to time, especially when they auto-discover their counterparts or control devices on one subnet and don't think there might be another locally. I recently had an issue with chromecast like this: It was joined to the 2.4gHz wireless, which was technically being used as a sort of "device wifi" and my phone on the 5gHz wireless (on another subnet/vlan) wouldn't allow me to enter an IP - it just kept trying to search the one vlan/subnet.
That was before they released chromecasts with 5gHz support, so maybe they fixed this, but things like these non-considerations for more complicated home networks turn me off to most IoT devices. That and I trust the security in them so little I doubt I would let the vlan they are on out to the internet, which probably breaks most of them.
tl/dr: agreed, but that breaks a lot of the functionality of these things.
"Protect our trade craft" is a statement a surveillance outfit, not a law enforcement agency, makes. That's the terrifying disclosure: The FBI just admitted they aren't interested in law enforcement, they are interested in espionage.