The way the Obama Administration has protected the Civil Liberties of American Citizens while balancing the need to protect the country from outside threats is not a mystery. It isn't that hard to find either. It is on the internet in a de-classified document dealing with how the NCTC handles data. The NCTC is also known as the National Counterterrorism Center, and there are specific regulations dealing with how data is handled, if it can be stored and how to determine if it is, in fact, useful counter-terrorism data. Let's look at some of those regulations.
As you can see, we have jumped right into the title character, our "Civil Liberties Protection Officer." What does that mean? The administration has determined that there be people inside the process who's sole responsibility is to ensure that the Civil Rights of American Citizens are not violated. Now, future presidents may abolish the Civil Liberties Protection Officer position, but by doing so, they will have violated executive precedent. (And I think it is important here to note that the NSA will collect data to protect the American people in the future. It is going to be part of our civilization now.) Doesn't a government have not only the power but the duty to protect its citizens if by doing so no Civil Rights are violated? Moreover, if you believe that a state had that responsibility, and if that ability was then ignored, wouldn't the state be negligent?
As you can see in the above screengrab--and these screengrabs have not been altered except for the red boxes around them and the yellow highlighter--the issue of "civil liberties" is applicable to "each specific information access or acquisition." That means that all and singular, each and every data set sought must comply with the protections afforded by our Civil Liberties.
This screengrabbed paragraph speaks for itself. But as you can see a little further below, there is a triage for finding terrorism information. This ensures that if erroneous information is caught up in the web, it is removed. "[P]romptly removed" is how they put it.
Again. Self-explanatory. Can't be used, we are going to protect it with audits and there's that Civil Liberties Protection Officer again.
This is the triage mentioned above. The data either contains "terrorism information" or it doesn't. The NCTC is interested in data that contains terrorism information.
Now here's some meat to the protections provided on behalf of civil liberties. Either "party" can raise any privacy or Civil Liberties concerns about the process. That specifically includes the "data provider."
Did you notice the word "browsing" above? Not allowed. Well, unless there is information about terrorist activity. Which again raises the question: Doesn't the government have the duty to "browse" information about terrorism if it can do so without "browsing" non-terrorism information?
Training is used to make sure that analysts and others understand that Privacy is a pretty big deal.
The replication of data is only allowed if done in writing by the Director and the data provider, and then only if the data "is likely to contain significant terrorism information." This information and these rules and regulations are available on the web. They aren't a secret. If you want transparency, there it is for you to look it up.