* * *

Software vulnerabilities aren’t the only thing that the NSA stockpiles. Four years ago, the American public learned that the agency hoovers up metadata pertaining to the private communications of most every adult in this country.

After the Edward Snowden leaks, the Obama administration insisted that the costs of collecting and storing metadata on phone calls, texts, and emails was outweighed by the benefits. Sure, the trove that the government was amassing indicated countless sensitive calls, like those to abortion clinics, suicide hotlines, and oncologists; and it could expose a person’s entire web of acquaintances.

But procedural safeguards would prevent violations of privacy, NSA defenders insisted. NSA analysts wouldn’t enjoy unfettered access to the entire haul. Rather, they would be permitted to submit discrete queries, like a phone number found in a terrorist safe house. And if their database in fact contained information on that target, they’d still be limited by a constraint that they could only look at other phone numbers within two or three “hops” of the target.

NSA critics challenged the accuracy and adequacy of the safeguards, as well as the government’s underlying presumption: that an American’s privacy wasn’t in fact impinged upon if the government merely gathered and stored information about their communications, so long as no one subsequently looked at it.

A different concern was scarcely broached: What if the U.S. government never itself abused the system it built, but failed to safeguard its contents?

The likelihood of the trove’s eventual theft strikes me as significant (and that is assuming that a foreign government or group of hackers hasn’t already gotten any of it). The NSA failed to stop Snowden from taking some of its most closely held secrets. It failed to stop the Shadow Brokers from taking some of its most closely held cyber weapons and deploying them against innocents, including Americans. Why expect it to successfully safeguard its most closely held trove of metadata?

Per the Times, “NSA employees say that with thousands of employees pouring in and out of the gates, and the ability to store a library’s worth of data in a device that can fit on a key ring, it is impossible to prevent people from walking out with secrets.”

According to the report, after the NSA’s stockpile of offensive weapons leaked, the consequences included the following:

Millions of people saw their computers shut down by ransomware, with demands for payments in digital currency to have their access restored. Tens of thousands of employees at Mondelez International, the maker of Oreo cookies, had their data completely wiped. FedEx reported that an attack on a European subsidiary had halted deliveries and cost $300 million. Hospitals in Pennsylvania, Britain, and Indonesia had to turn away patients. The attacks disrupted production at a car plant in France, an oil company in Brazil, and a chocolate factory in Tasmania, among thousands of enterprises affected worldwide. American officials had to explain to close allies—and to business leaders in the United States—how cyber weapons developed at Fort Meade in Maryland came to be used against them.

Now consider the potential costs and consequences if the NSA’s stockpile of metadata on American citizens were to be breached by hackers or stolen by an insider, and then come under the control of Russia or China or North Korea or terrorists.