The better talking point here is that once the data is collected, you must assume the government can get to it, always. Who actually stores it (a public or private entity) is an irrelevant implementation detail, and people pretending otherwise are being foolish.
Sure, but how is the government simply obtaining the data directly not an escalation? A subpoena at least requires an additional step and ostensible checks.
Sounds like the way they're obtaining it without a subpoena is by simply purchasing it from a commercial data broker, though. If that's true, I'd say the real problem is that a broker is willing to sell virtually anyone this data with essentially no oversight – a problem that's sadly existed for quite a while already. One of their buyers being the government isn't the first-order problem there.
