Over two dozen companies and a number of trade groups have signed a letter supporting bills that would let them reveal more details about the government's secret information requests. Submitted by the Center for Democracy and Technology, the letter urges Congress to pass Representative Zoe Lofgren's (D-CA) Surveillance Order Reporting Act of 2013 and Senator Al Franken's (D-MN) Surveillance Transparency Act of 2013. The bills, both introduced in early August, would give companies more options for disclosing when and how often they received national security-related requests and provided data to the government.
Apple, Google, Microsoft, Facebook, and Yahoo all signed the letter, as did the Software Alliance and the Internet Association, a lobbying group founded by Google, eBay, and others in mid-2012. These aren't just big names in the tech world, they're also the companies that were named as contributing data to the PRISM surveillance program — and the ones that have been fighting back against secrecy restrictions. All four of the aforementioned companies have suits pending against the US government, arguing that being unable to tell users how many requests have been received and complied with violates their right to free speech. AOL, Dropbox, LinkedIn, and Reddit, were among the other signatories. A number of companies also added support to a previous letter urging the White House, NSA, and others to loosen the restrictions.
While companies are asking for the right to publish nearly exact numbers of requests, neither of these bills goes that far. Lofgren's would allow estimates in bands of 100 (Google has gotten permission to publish national security letters in bands of 1,000, but other companies must lump them with other government requests), though it would allow companies to sort requests into separate categories (again, in estimates of 100) based on which law justified them and could put out new reports every quarter. Franken's doesn't say companies have to round to any particular number, but if they received fewer than 500 requests in a given period, they can't be more specific than that.
Since companies have said they don't receive a large number of national security-related requests, it's not clear how helpful these striations will be. Dropbox, for example, has said it received under 100 requests from all of US law enforcement in 2012. The bills would, however, give legislative weight to the companies' existing legal challenges. Both bills are currently in committee, where they must be passed before moving onto the House and Senate floors.
Update: The current agreement allows some companies to publish all government requests, including national security requests, in bands of 1,000, not to publish national security requests specifically in bands of 1,000. Article updated with this correction.