Congressmen don't have classified access by default. Even those involved in oversight often rely on briefings which are written by the people potentially breaking the law and include whatever they choose to include, or not. It's akin to regulatory authorities that operate by asking those being regulated 'Are you still operating under all appropriate regulations?'
And laws are also written extremely broadly, which gives the intelligence agencies extreme leeway in interpreting them as they see fit. And even if they go beyond that, it's not like there are any consequences. For one of the most overt - James Clapper indisputably lied under oath and absolutely nothing happened. Furthermore politicians are generally ignorant on most topics, especially on anything remotely technically related. But revealing that ignorance is politically damaging, so they turn into yes men on most of these topics.
It’s not a secret that there’s a legal loophole and how it might be used. And congress don’t need classified access to change the law. So I don’t see how any of that relates. The problem of effective oversight is likewise orthogonal to the issue I raised which is that “getting spied on by their own subordinate agencies” is conduct that has been legally permitted by lawmakers