In addition to all the questions it's raised about privacy expectations and government overreach, recent revelations about the National Security Administration's Prism surveillance program has thrust another debate into the spotlight: How much data should marketers and media companies be able to collect and store?

After all, much of the information the NSA has been sifting through to prevent terrorism exists solely because the Verizons and Googles of the world harvest it.

For years, privacy advocates have argued that one danger of the data collected and stored by digital-media and communication giants is that the government could tap into it -- a Big Brothery-sounding concern that, to many in marketing, felt a bit more conspiracy theory than potential reality.

“A lot of what the government knows about us they know because of companies, so you have to have some confidence that you have some control over the data they collect on you,” said Justin Brookman, director of the Project on Consumer Privacy for the Center for Democracy and Technology. He argued that rules for how corporations collect, transfer and store data are necessary because “it's hard to fix government access.”

The debate has now gone mainstream. Even passive news consumers are becoming more aware that data collection occurs on a massive scale. Marketers must consider how much blowback the Prism program will create against their increasingly data-fueled efforts.

Google is trying to head off assumptions of the worst, underscoring how serious a threat this could be to the data-collecting world. Last week it requested that the government allow it to release the number of national security requests it receives and their scope.

“Google's numbers would clearly show that our compliance with these requests falls far short of the claims being made,” its chief legal officer, David Drummond, wrote in a letter to U.S. Attorney General Eric Holder and FBI Director Robert Mueller, which was also shared on a company blog.

Separately, Google divulged how it delivered information to the government when required to comply with the requests: “generally through secure FTP transfers and in person.” (Read: no direct server access.)

Whether data-gate over the NSA activities inspires consumers to think twice about posting to Facebook or signing up for a loyalty card remains to be seen. But it could put stricter laws for advertisers in the form of comprehensive privacy legislation on the front burner.

Ad Age is a sister publication to Crain's Detroit Business.