Ok, so they build this massive surveillance cluster. It can listen in and decrypt all information passing through all the major ISP players. Now that they have this information, it goes... where? These machines sit in between routers and the ISP's backbone (they'd have to). This means that they are connected to the internet and/or they have remote administration capabilities (I'm assuming dedicated machines). They can't keep the information local, that would be asinine. It would only take one leak (and there will be one, because there are people in the government who will not agree with this. A secretary somewhere will get a memo that gets put on the Internet) of either a password, username, or even a hint that there is remote admin possibilities and it will launch the fury of the Internet at large. Machines will be hacked (eventually) and data will be leaked. Some of it will be embarrassing to the people, while all of it will be to the government. Or maybe they have some secure server that the machines VPN into and transmit the databases that way. Who knows how they could 'securely' transfer this information they are getting, but VPN seems an obvious answer at the moment. That means they will need to deploy the VPN server IPs to the IT's in the field; it also means the server configuration is in a manual. If the government employee thinks they can get away with it or if they are an ex-employee... there will be a whistle-blower. Wikileaks, I guess it's UK's turn ^^