>The order leaked to the media organization details that the numbers of both parties on a call are given to the U.S. government, as well as location data, the length of the call, the time and duration of all calls and "unique identifiers."
Setting aside the fact that the government likely does not have the right to gather this information, the biggest question I have is how secure is this information?
Do they log every time a government employee queries this data? Can government employees take copies of the data? What security protections are in place to prevent foreign or domestic hackers from accessing the data?
This whole thing gives me the willies similar to when I found out that my employer was using proxy software from BlueCoat to strip out every site's SSL certificate and replacing it with its own so they could see all your unencrypted SSL traffic. They then store that unencrypted data which presumably includes logins and passwords to employee's unrelated bank accounts and other highly sensitive private information. Even if they have the right to monitor this type of activity, I don't believe anything gives them the right to store the data long-term because of the tremendous risk it presents to innocent people.
