National Journal reports: Ending bulk data collection, which the NSA claims is authorized under Section 215 of the Patriot Act, has been the top priority for civil liberties groups.

Obama announced on Friday that he will end the program “as it currently exists.”

Starting immediately, NSA analysts will need approval from the Foreign Intelligence Surveillance Court every time they want to access the phone database. Obama also said he plans to eventually move the database out of the government’s hands. The president directed Attorney General Eric Holder and top intelligence officials to come up with a plan by March 28 for turning over control of the database.

But no matter who stores the data, the NSA will want to ensure that its analysts can still access it when they want to map the connections of a potential terrorist group. That could mean the administration will ask Congress to enact a mandate requiring phone companies to store their customers’ data on behalf of the NSA.

Privacy advocates warn that a data retention mandate would turn phone companies into agents of the NSA.

“To the contrary, companies should be working on ways to store less user data for less time—decreasing the risks from data breaches and intrusions like the one that just happened to Target,” wrote Cindy Cohn and Rainey Reitman of the Electronic Frontier Foundation. “Data retention heads in the wrong direction for our security regardless of whether the government or private parties store the information.”

Kevin Bankston, a policy director for the New American Foundation, said that if the alternative to government storage is mandatory data retention or a requirement for phone companies to turn the data over to some other third party, “the President should be prepared for a major legislative battle with key members of Congress, the technology industry and the privacy community arrayed against him.” [Continue reading…]