Journalists Need To Start Asking About Storage, Not Access

It’s becoming pretty clear, particularly from today’s Snowden Q&A and the partial transcript from President Obama’s Charlie Rose interview, that we’re zeroing in on how the government accesses private individual data.

If you’re not a “U.S. person,” there are few restrictions on what the U.S. government can do to monitor you. If you are a U.S. person then there are at least some restrictions, and the involvement of at least the secret FISA court, before that data can be accessed.

What’s also clear are that these are just policy decisions, as Snowden puts it, and that things may have been different in the past and can be different in the future.

My guess is that most journalists will continue to dig into the FISA court stuff. This quote alone is a gold mine for arguing that there is no true judicial oversight on any of this stuff:

Charlie Rose: But has FISA court turned down any request?

Barack Obama: The — because — the — first of all, Charlie, the number of requests are surprisingly small… number one. Number two, folks don’t go with a query unless they’ve got a pretty good suspicion.

In other words, “trust us.”

But here’s what journalists should be asking at this point: What data does the government store? How long have they been storing it? Do they ever delete it?

All of the government arguments around 4th Amendment protections center on policy decisions regarding what the NSA and FBI can look at. But as they make these arguments they imply that the data is already sitting on government servers. Snowden, of course, doesn’t imply this, he says it flat out.

This is what scares me the most. Not that today’s government is using this data improperly today (although the IRS scandal certainly shows that the government is quite willing to use data improperly). Rather, I’m much more concerned with what the government will do with this data down the road.

Knowing that the government will start surveillance on you if you do something wrong is one thing.

But knowing that you are constantly being watched, with everything you do being stored in a database somewhere, is something else. It doesn’t matter if anyone is looking at it today. Knowing that anything you do now, innocently, may be evidence of a crime in 5, 10 or 30 years, is the opposite of freedom. No matter how you look at it.

I don’t understand how the government can argue that storing, possibly forever, every phone call and every email and our location and everything else can somehow be consistent with the rights acknowledged under the 4th amendment. Until journalists start asking these questions, however, they won’t even be forced to make those arguments.

26 thoughts on “Journalists Need To Start Asking About Storage, Not Access

  1. Exactly right. The first thing they need to do is declassify all the legal proceedings so that we can debate in court the constitutionality of the program as it stands.

    I personally think that it’s okay for the government to have a means to access this kind of data under the right circumstances but a series of checks and balances have to be put in place that are simply not there.

    1) Technical means have to be put in place so that all data accesses are audited. I should be able to find out if my data has ever come up in a search and in what context.
    2) Data should be deleted after a certain number of years
    3) An analyst should have to obtain a warrant from a federal (non secret) court such as in criminal cases
    4) Data accesses after a warrant is received should be restricted in scope to a particular incident and any other data that is pulled should not be admissible in court (unless a clear and present danger to human life is detected in which case the findings should be made public after remedies are taken)
    5) All protections that are granted to US citizens should be extended to foreigners. Our tech companies cannot be competitive if they cannot extend their protections to customers overseas.

    I hope that our debate takes us here. We have a long road ahead and I suspect many careers are going to come under fire in the process. All of us have to stand together and demand accountability from our representatives for this steamrolling of our 1st and 4th amendment rights.

  2. I’d leave a comment here, but I don’t want it to be used against me in 30 years…

  3. jburb says:

    I don’t like the argument about the number of requests being small. It is small up until you are one of the people whose information is being requested.

    “Direct access” makes sense in that the NSA has access to the entirety of data on the web – email, twitter, google, facebook etc. that they only choose to access part of it at any one time does not mean that the number of requests is small and that they don’t have direct access, it just means they aren’t choosing to read your data at this very moment.

    They still have it, and how long they can keep it is a very important point.

    • Douglas says:

      It’s small, the president said so. Small is a relative thing. They aren’t asking for more than 4 or 5 million out of a potential 350 million.

  4. You said “infer” twice. It’s the wrong word both times. You meant “imply”.

  5. Yes We Scan says:

    Perhaps the solution is to have a right to be forgotten: some way of forcing companies and governments to delete your data every few years and not link old profiles to new ones.

    That said, I don’t think any administration will willingly volunteer to restrict or surrender these powers in any meaningful way.

  6. AhContraire says:

    If anyone, including the media, who thinks that it’s OK for the government or military to do all this secret stuff and conduct secret courts and it’s ok to spy on all Americans, can you ask them if the 1992 movie, starring Tom Cruise, Jack Nicholson, and Demi Moore, A FEW GOOD MEN. where Jack Nicholson shouts in the courtroom, “YOU CAN’T HANDLE THE TRUTH!” have any relevance in regards to spying on every single American and the 4th Amendment of the Bill of Rights?

    A Few Good Man “You Can’t Handle the Truth” (1m 51sec)

    Longer video clip (7m 47sec)

    – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
    Too afraid to follow me on Twitter?
    You can still bookmark me on Twitter at

  7. gregorylent says:

    think internationally, that people aren’t looking for alternatives to anything with a connection to the usa?

    huge innovation boost for the rest of the world, “NOT made in america” will have huge appeal

  8. What about those of us who are not US persons? Are we forever doomed to be second class citizens in our global community? We are completely unrepresented and unprotected in this system! Down with sovereignty! Down with the Nation-State!

  9. Eeko says:

    > “If you’re not a “U.S. person,” there are few restrictions on what the U.S. government can do to monitor you.”

    There are restrictions for the U.S. government, yes – but don’t forget that other countries have access to PRISM and other similar technologies as well. For example, we know that UK has spied on politicians for their domestic interest (

    U.S. persons are foreigners for a number of allied and non-allied nations for whom your domestic surveillance can be outsourced.

  10. x says:

    I agree with all of this but honestly if you granted foreigners the exact same protections there would be no fear no protection, its not like its less harsh anywhere else. Honesty I’m saying as someone with a past drug addiction, it all comes across borders,

  11. Tom says:

    Snowden doesn’t infer anything – you do the inference, he does the implying.

  12. peto5 says:

    What I feel most strongly now is a sense of betrayal the Tech industry did to us, their users and enthusiasts. Instead of raising awareness about this and pushing the privacy technology to the mainstream, they just jumped to bed with the gov and took the advantage of this situation at our expense. Did they hope that it will never will revealed? I just can’t believe they did this.

    Thinking about it further, what I now feel like an almost unsolvable problem is how to regain our privacy. Most of the current technology just didn’t assume that the “adversary” is so capable. Indeed, if the agency can “Cache” the whole “digital halo” (internet activity+calling+location) of almost everyone, achieving anonymity is almost impossible – with the advances of Big Data analysis, it is obvious that even Tor will not help, if the other guy can reconstruct what happened at every node. And regarding the encryption technology, such a small percentage of people uses it nowadays, that your attempts can be easily detected as an anomaly in the system, bringing even more attention to the non-encrypted activity. Basically the only defense now is to be non-interesting, quiet or apathetic.

  13. I sincerely doubt that all this spying (and storage of data) along with the 1,000,000+ people with Top Secret clearance (making claims that the system is “secure” a joke), has anything to do with “stopping terrorism”. It may be to build an Enemies List in case of “civil unrest” (the #1 fear of the 1%) but mostly it’s just yet another transfer of wealth from the public to the private sector. A theft.

    The budget for this is huge, unquestioned and mostly secret. The money goes to entities like Booz Allen ( owned by the Carlyle Group) and other “Defense” contractors, the same companies who are the beneficiaries of unjust, for-profit wars (profits are “up, up, up”). The whole time we are debating whether or not domestic spying is “effective” or constitutional, we are being robbed on an unprecedented scale. More welfare for the rich.

    Stop being hysterical and opening your wallets to any crook who promises to make you “safe”.

  14. Seriously, people. Did everyone really think that this was NOT going on? Of course it is. Personally, I couldn’t care less, but I am shocked by the surprise from so many intelligent people that thought in this digital age, this wasn’t happening.

  15. I think this is exactly correct, it also explains the disconnect between Snowden’s claims and the statements from Google et al. Sure, various agencies do request data via national security letters and warrants, but that’s not how they gather most of the information. My guess is there’s a agency that’s tapped backbone sites such as MAE West and is simply recording everything that goes over the Internet.

    Sure, much of the traffic is encrypted these days, but how hard would it be for a spy agency to steal Google’s and Facebook’s private SSL cert? Once they have that encryption doesn’t matter. Surely there’s some IT guy at one of these companies that could be bought for $30K. Hell, they could even compel the companies to hand over the certs via an NSL and companies wouldn’t be able to let anyone know.

  16. Frank Armoton says:

    How on earth do you wake up to this now, when Google has been storing all you do online for ages and has no incentive what so ever to delete the data on you? Why. Do. Americans. Trust. Companies. More. Than. Their. Elected. Government? It is totally undecipherable.

    • Michael Arrington says:

      Google doesn’t engage in violence to make us do things. I happily trade privacy for services with private companies, under a contract. The government doesn’t give me that choice, and it is the only real threat to the American people.

      • MIke – you might want to stop by and join 33 Accumulators at “Accumulo BoF Session @ Hadoop Summit” San Jose 6/27 10am. Someone attending knows ‘storage’. DM@iC if you can attend.

  17. regularJoe says:


    Why have you stopped asking questions about PRISM? I thought you’d have a post about the new Microsoft involvement demanding more answers. I always liked the fact that you weren’t afraid to ask the tough questions.

    I’m guessing the NSA has placed a Gag order on You and Techcrunch. So much for Freedom of Press. 😦


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: