Recent news reports have revealed that government agencies (GAs) analyze network communications to uncover terrorist and criminal organizations through the communications and relationships among members of those organizations. Privacy advocates have raised concerns that government agencies should not collect data from their citizens without probable cause, due process, and court authorization. They argue that such collection of private data suppresses the freedom of speech, the freedom of the press, the freedom of religion, and other basic human rights through possible intimidation by government agencies.
Communications service providers (CSPs) may collect and retain communications data, billing records, and other business records related to user accounts in the normal course of providing services. Government agencies may ask the CSPs to preserve such data to enable forensic analysis related to terrorist and criminal activities.
While the public generally trusts the CSPs to protect personal data, the public does not want personal data to be turned over to government agencies. The government agencies attempt to build a graph of the activities of target organizations, but they are hindered when they have to analyze personal data that resides across hundreds to thousands of CSPs. Analysis at such a scale would require a query for every new user identity or number, resulting in a massive number of queries and a round-trip delay for each query.
The scaling problem for queries involving a large number of CSPs is further complicated because multiple agencies in multiple nations may issue such queries. In addition to the CSPs' scaling problem, the number of links and the number of queries required burdens both the government agencies and the CSPs.
One available solution to the CSPs' scaling problem is to use a trusted third party (TTP) system. Depending on the laws or policies of a country, TTP functions may be implemented within a GA system. The TTP system adds visibility, auditability, and oversight to the overall data collection and analysis processes. However, centralizing the data at the TTP merely moves the privacy concerns from the GA to the TTP. The challenge that remains is to centralize data collection and analysis at the TTP while keeping the metadata invisible to the TTP in order to protect privacy.