1. United States
2. Va.
3. Letter

I am writing to you as a technology professional and constituent to express urgent concern about the proposed $55 billion acquisition of Electronic Arts (EA) by a consortium led by Saudi Arabia's Public Investment Fund (PIF), Silver Lake, and Jared Kushner's Affinity Partners. As someone who works in the technology sector and understands the implications of kernel-level software, mass data collection, and foreign access to digital infrastructure, I believe this transaction poses serious and underappreciated risks to American consumers, national security, and the integrity of our personal computing environments. I am aware of your leadership as Vice Chair of the Congressional AI Caucus, your work on the AI Foundation Model Transparency Act, and your ongoing commitment to responsible technology policy. Those efforts make you uniquely qualified to understand and act on the concerns I raise below. The Scale of Consumer Data at Risk EA's network encompasses over 700 million user accounts globally. Following an April 2025 update to its terms of service, EA now collects an expanded set of personal data including gameplay statistics, full device and hardware configurations, installed software inventories, network information, chat logs, and financial transaction records — even when users are playing offline. Under the proposed deal, PIF would hold 93.4% ownership of the company, transferring effective control of this vast consumer data reservoir to a foreign sovereign wealth fund. Senators Blumenthal and Warren raised this same concern in their October 2025 letter to Treasury Secretary Bessent, warning of risks including "surveillance of Americans, covert Saudi propaganda, and selective retaliation and censorship." Kernel-Level Software on Millions of American PCs EA deploys a kernel-level anti-cheat system called "Javelin" across 14 game titles on millions of personal computers. Kernel-level software operates with the highest system privileges — Ring 0 access — granting it the ability to read or write any memory, interact directly with hardware, and operate below the visibility of standard security tools. As a technology professional, I want to emphasize that this is not a theoretical concern: kernel-level access represents the most privileged position software can occupy on a personal computer. Under foreign sovereign ownership, EA's ability to push mandatory software updates to this kernel-level driver creates a potential vector for mass surveillance or supply chain attacks affecting millions of American households. The cybersecurity community has repeatedly flagged this class of risk, and no adequate safeguards exist to prevent a state-controlled parent company from exploiting this access. Additionally, EA's Javelin system has produced documented false positives that have banned legitimate players, including individuals using disability accessibility tools such as screen readers, adaptive input software, and visual enhancement utilities. EA's customer support has been widely reported to respond with copy-paste denials, offering no meaningful review process. This raises consumer protection concerns independent of the ownership question. Digital Consumer Rights and Financial Harm EA's terms of service permit the company to shut down any game or service with only 30 days' notice, permanently eliminating consumer access to products they paid for. This is not hypothetical — EA shut down The Sims Mobile in January 2026 and EA Sports FC Empires in November 2025, roughly one year after launch, erasing over $578,000 in documented consumer spending on the latter title alone. With the consortium financing this acquisition with approximately $20 billion in debt from JPMorgan, there will be significant financial pressure to cut costs and shutter underperforming products, accelerating this pattern of consumer harm. EA's updated terms also include mandatory binding arbitration and class-action waivers, severely limiting consumers' ability to seek legal remedies when their purchases are rendered worthless. Inadequate Regulatory Oversight As a private company, EA would no longer file public quarterly reports or be subject to SEC disclosure requirements, drastically reducing transparency. Legal experts at Lawfare and elsewhere have expressed serious doubt that CFIUS will conduct a meaningful review of this transaction, given the political relationships of consortium members. I note that the Treasury Department's February 2026 Request for Information on its Known Investor Program and streamlining of the CFIUS review process raises additional questions about whether the foreign investment review framework is being weakened at precisely the moment it is most needed. My Requests Given your expertise in technology policy and your leadership on AI and consumer protection legislation, I respectfully ask that you: 1. Advocate for a rigorous CFIUS review of this acquisition that specifically evaluates the risks posed by kernel-level software access and the transfer of 700 million users' personal data to a foreign sovereign entity. 2. Introduce or support legislation requiring companies that deploy kernel-level software to disclose the scope of system access, submit to independent security audits, and provide meaningful opt-out mechanisms — particularly when those companies are controlled by foreign governments. 3. Support digital consumer protection legislation that guarantees consumers refunds or continued access when digital products and services are unilaterally discontinued, building on the framework established by California's AB 2426. 4. Raise this issue publicly in your capacity on the Joint Economic Committee or through the Congressional AI Caucus, to ensure that the intersection of foreign sovereign ownership, kernel-level system access, and mass consumer data collection receives the scrutiny it demands. This acquisition sits at the intersection of every major technology policy concern you have championed: AI governance, data transparency, consumer protection, and national security. I urge you to apply your considerable expertise and leadership to ensuring American consumers are protected. Thank you for your time and your continued service. I welcome the opportunity to discuss these concerns further and would appreciate a written response outlining your position on this matter.