This article explains a way that credit card information is stored safely without encryption. Tokenization is a completely different way of securing credit card information than encryption because it completely removes the credit card information and replaces it with a "token" that cannot be retraced to retrieve the credit card information. Encryption has the credit card information hidden somewhere, but tokenization erases it completely which makes it very secure.
A breach in supposedly secure keys given to employees by private companies vindicates previous warnings by cryptographers that companies should use more difficult keys, and that companies have not been cautious enough using such keys because of their assumed security.
This is a PDF file of a chapter taken from a book that contains essays on many issues that arise from "big data." This chapter specifically pertains to our privacy versus security debate because it provides reasons as to why bulk data collection does not work as well as alternative options to mass surveillance.