With so much about the surveillance system still undisclosed, I wonder if the following could be true. … it would be very cheap to record and store all US telephone calls. Audio is highly compressible; a back of the envelope calculation suggests the government could store a whole year's telephone calls -- all of them -- for a small number of millions of dollars, given the low cost of massive storage units. What is preventing the government from doing that is, presumably, wiretap law. Could the calls be lawfully be recorded by the government, but listened to only after issuance of an appropriate court order? Could the recordings be made by the telcos and held in dead storage, but turned over to the government in response to a narrow and specific court order?If you are surprised to think it would be technically and economically feasible to record everything, every word of every call for an entire year, just think of how many hours of audio you can carry around on your iPod. And storage technology keeps getting denser while the number of minutes of phone calls is probably going up very slowly if at all.
Well, it turns out, courtesy of more Snowden documents, that the NSA is doing exactly what I speculated, though not, as far as we know, for calls within the US. Some lucky country--the Washington Post is cooperating with the US government by not telling us which one--is having every single telephone call captured, not the "metadata" but the actual audio, every minute of it. The recordings are stored for later review, which requires no judicial authority.
The NSA's comment is predictable: We wouldn't be doing it if it wasn't lawful and important. Problem is, the NSA doesn't have to do the risk-reward calculation. Based on the ever-shrinking number of terrorism plots said to have been prevented by the bulk metadata collection program, there is good reason to be skeptical about claims that the rewards are substantial. And what are the costs when something like this comes to light? Already the EU, furious about US surveillance of Europeans, has voted to suspend the "Safe Harbor" provisions of European privacy laws -- essentially a loophole that allowed US companies greater flexibility in the way they protect the privacy of data than European companies enjoy. What will be the cost, in cold hard dollars, if American companies lose European business over this, or are forced to spend what it takes to come into compliance with European standards?