Critical analyses of security have focused on the production of knowledge, techniques and devices that tame unknowns and render social problems actionable. Drawing on insights from Science and Technology Studies and the emerging interdisciplinary field of ‘ignorance studies’, this article proposes to explore the enactment of non-knowledge in security and legal assemblages. Starting with legal challenges brought against the NSA and other intelligence agencies after the Snowden revelations about mass surveillance, it shows how different modes of non-knowledge are enacted and not just ‘tamed’: uncertainty, ignorance, secrecy, ambiguity, and error. The enactment of non-knowledge has important implications for how we understand security practices, the relation between security and law, and public challenges to mass surveillance in a digital world. On the one hand, the enactment of non-knowledge by security and legal professionals limits activist and NGO resistance to mass surveillance, when these are focused on claims to knowledge, disclosure and transparency. On the other, reassembling non-knowledge and knowledge differently has generative political effects and opens new possibilities for intervention and resistance.