Donald Trump has shown he’ll stop at nothing to humiliate and intimidate his critics. He published Sen. Lindsey Graham’s personal cellphone number so Trump supporters could harass him. He encouraged the Russian government to hack Hillary Clinton (though he later claimed he was joking) and promised to imprison her. He has tweeted false and embarrassing accusations against Sen. Ted Cruz, former Miss Universe Alicia Machado, and many others.

That’s all bad enough. But if he becomes president, Donald Trump will have a frightening and expansive new tool to persecute his domestic opponents: the National Security Agency, which has access to a huge amount of Americans’ personal communications and data.

Maybe a senator’s “private” bedroom pics will be mysteriously leaked. Or Breitbart will start blogging the details of a journalist’s 3 a.m. Uber rides. Or maybe Trump will find creative uses for five years of email correspondence between a civil rights lawyer and her clients. This might sound like a nightmare that could only happen in China or Russia, but there are simply not enough safeguards in place to protect Americans from our own National Security Agency.

While most NSA operations are directed at overseas targets, the agency can access communications metadata, such as phone numbers and call times, from every American who uses a telephone or email account—more than 300 million of us.

And while it probably doesn’t do so right now for most of us, the NSA has the technical capabilities to collect literally all the communications data of tens of thousands of Americans—every email; every Skype chat; every message on Facebook, OkCupid, iMessage, Snapchat, Twitter, and other services; every one of our photos in the cloud; the audio of every phone call; our physical locations from minute to minute based on the geolocation of our cellphones; and even all the documents on our laptops.

How do I know this is possible? Because while I was a State Department official between 2011 and 2014, I was given top secret briefings on U.S. intelligence activities. (Before I left government service, I filed a complaint alleging that some NSA activities violated Americans’ constitutional rights to privacy. Because I am writing about issues that I worked on when I held a security clearance, I was required to submit this article for prepublication review to the U.S. government, which has no objection to its publication.)

In 2014, a staffer for the Senate Select Committee on Intelligence, or SSCI, and an NSA staffer both told me in separate classified briefings that the NSA collects “a lot” of Americans’ data. The SSCI staffer told me the NSA “touches about 9 percent” of global internet traffic every day. I took the colloquialism “touch” to mean the NSA has access to that information in some way, whether or not the agency actually saves and uses all that data.

Interpreting the SSCI staffer’s figure is tricky, but I’ll do my best. Nine percent might not sound like a lot, but remember: The NSA doesn’t care about the vast majority of the bytes that cross the internet, like streaming movies, music, and websites, so it doesn’t bother with that stuff.

The agency targets personal communications, device locations, and similar sensitive data. So while the portion of total internet traffic the NSA touches may be only about 9 percent, the portion of sensitive personal data that the NSA touches is far higher. A report from Cisco, the internet giant, says that global consumer internet protocol traffic averaged 33,597 petabytes per month in 2014. But only 5,853 petabytes each month, or 17 percent of consumer traffic, were emails and instant messages and web page views. The rest of the traffic—83 percent—was cat videos, pornography, pirated movies, and online video games.

That 17 percent figure is an imperfect estimate of how much global internet traffic is sensitive or personal. It’s both underinclusive, because it doesn’t include cellphone location data, and overinclusive, because most webpage views are not sensitive.

But suppose that only 17 bytes out of every 100 to cross the global internet in 2014 were sensitive or personal in some way. Then suppose the NSA touched about nine of those 17 sensitive bytes. If so, it’s possible that the NSA touched a majority of private communications and location data globally, much of it Americans’. I met in June of this year with senior NSA officials to discuss a draft of this article. They said that the 9 percent figure was too high but did not provide a more accurate number. The officials said the NSA was not collecting the majority of Americans’ communications. However, they also said that because Americans were not the intended targets of most collection, the agency deliberately did not calculate how much American data is incidentally collected. They did not deny that it could be a lot.

When I shared my concerns about a rogue president, the officials declined to comment on Trump specifically but agreed as a general matter that the wrong person in power could try to misuse the agency to affect Americans’ lives. The officials recalled President Nixon’s abuse of the IRS, the Department of Justice, and other federal agencies.

But compared with domestic agencies, the NSA is uniquely vulnerable to presidential abuse. Today’s checks and balances on U.S. intelligence agencies don’t come from Congress or the courts—the executive branch imposes them on itself. And those self-imposed restraints are alarmingly flimsy.

For most executive actions, Congress passes authorizing statutes, and the courts enforce the law to ensure that the executive branch does not exceed its authority. For example, President Obama’s immigration amnesty order has been tied up in litigation for years, based partly on the argument that the order exceeds the president’s authority as provided by congressional statute.

But that separation-of-powers framework doesn’t really apply to most intelligence operations, even those that affect American citizens. The vast majority of the NSA’s operations are conducted not pursuant to any statute voted by Congress but under the legal authority of Executive Order 12333, a unilateral presidential order originally issued in 1981.

Neither the regular federal courts, nor the Foreign Intelligence Surveillance Court, which is tasked with approving some forms of surveillance, provide any oversight of EO 12333 activities except in extremely rare cases. The FISC’s jurisdiction is limited to a couple of statutes that cover only a fraction of the NSA’s collection on Americans. And when an American’s emails are swept up and retained by the NSA under the executive order, the courts do not provide a forum for that person to bring a lawsuit challenging NSA activities.

Although the House and Senate intelligence committees in principle should provide oversight of EO 12333 activities, in practice this doesn’t happen as much as it should. Dianne Feinstein, ranking member of the Senate Select Committee on Intelligence, has admitted that the committee does not “sufficiently” oversee operations that take place under 12333.

I have personally briefed members of Congress who were told close to zero about 12333 activities in government intelligence briefings. And the SSCI staffer who gave me the 9 percent figure also said he wouldn’t be surprised if elected U.S. senator members of SSCI might not know the details of what was going on.

In short, our only meaningful protections against improper NSA snooping come from within the executive branch itself. The attorney general, who is appointed by and reports to the president, sets secret procedures for the handling of Americans’ communications and data under EO 12333. In June, the NSA officials told me that the agency has a strong culture of compliance with these procedures, and I believe that is true.

But even if today’s EO 12333 protections were perfect—which is doubtful—President Trump could loosen or abolish them on his first day in office. And because so much about these procedures remains secret, the public will likely never know if they have been altered.

No doubt some patriotic officials within the intelligence community would resist any effort by Trump to weaken or circumvent today’s protections for Americans’ data. But don’t forget Trump’s favorite words: “You’re fired.”

If Donald Trump is elected, it’s unlikely that anyone could stop him from collecting comprehensive private information on his domestic opponents and using it to persecute and destroy them. That’s one reason I’m canvassing to get out the vote for Trump’s opponent, Hillary Clinton—someone who has experienced hostile government hacking firsthand.

But even if Trump loses, the fact that he has come so close to the presidency should trigger reflection and action. The NSA does important work, but this episode should convince even advocates for expansive NSA powers that we need more protections against possible abuse of personal data.

Somehow, almost three and a half years after the Snowden leaks, the government has avoided public discussion of EO 12333. The president has never spoken publicly about it, and none of the reforms announced in 2014 or debated by Congress ever touched it.

Obama needs to do three things. First, he should amend the executive order and require the NSA to delete all U.S. person data as soon as it is collected, as recommended by his own Review Group on Intelligence and Communications Technologies. (Today U.S. person data is stored for five years and searched by domestic law enforcement agencies like the FBI. “U.S. person” means any individual within the borders of the United States, or a U.S. citizen anywhere in the world.) President Obama should leave a public trail of legal determinations on the issue that will be difficult for Trump to undo.

Second, Obama should educate all of Congress—not just the intelligence committees—in a far deeper way about precisely how much American data is collected, and how it is treated, with comprehensive secret briefings. Most members of Congress still know far too little about the particulars to properly legislate in this area. Congress and the judiciary, together with the executive branch, should establish clear, universal standards for U.S. person data.

Finally, the president should come clean with the American people about just how much of their data is “touched” by U.S. intelligence agencies. Without that, there can’t be proper democratic debate and oversight.

If Trump wins, it’s possible to imagine him mining the 12333 database for more dirt on Clinton, as he seeks to imprison her. But even if he loses, someone else from any party could come along in four or eight years and misuse the National Security Agency. Let’s fix it now.

This article is part of Future Tense, a collaboration among Arizona State University, New America, and Slate. Future Tense explores the ways emerging technologies affect society, policy, and culture. To read more, follow us on Twitter and sign up for our weekly newsletter.