Prominent tech companies have banded together and published an open letter denouncing the measures of the Burr-Feinstein bill, officially called the Compliance with Court Orders Act of 2016 . Calling themselves the Reform Government Surveillance coalition, the group’s members include Apple, AOL, Dropbox, Evernote, Facebook, Twitter, Google, Linkedin, Microsoft, Twitter and Yahoo!
“Any mandatory decryption requirement, such as that included in the discussion draft of the bill that you authored, will to lead to unintended consequences. The effect of such a requirement will force companies to prioritize government access over other considerations, including digital security,” the coalition wrote to Sen. Dianne Feinstein (D-California) and Sen. Richard Burr (R-North Carolina). “As a result, when designing products or services, technology companies could be forced to make decisions that would create opportunities for exploitation by bad actors seeking to harm our customers and whom we all want to stop.”
The coalition is also calling for limitations to the government’s authority to access private user data, as well as greater transparency about court orders, freedom to use servers of their choice despite geographical borders, a more robust checks and balances system for intelligence agencies looking to monitor communications and a treaty or framework for handling out of jurisdiction requests between different countries.
The proposed Burr-Feinstein bill uses very generic and broad language to describe the requirements tech companies would need to comply with should the bill pass into law. One redditor described the reach of the bill as effectively banning lossy compression data formats, such as MP3 music files or JPEG picture files, due to the inability of working backwards to the original data once a file has been compressed.
Burr-Feinstein bill would also require that all companies with app stores, such as Apple’s iOS App Store, Google’s Let’s Play store or even Amazon’s Appstore, manually double-check that their third-party apps are compliant with the bill’s guidelines.