FTC to Tech Giants: Don’t Weaken Encryption for Foreign Governments
The U.S. Federal Trade Commission (FTC) has issued a stern warning to America’s largest technology companies, declaring that concessions to foreign governments demanding weakened data protections, backdoors in encryption, or censorship on platforms will not be tolerated. The agency stressed that such actions would constitute violations of the Federal Trade Commission Act and carry legal consequences.
The letter, signed by Commission Chair Andrew N. Ferguson, was addressed to Akamai, Alphabet (Google), Amazon, Apple, Cloudflare, Discord, GoDaddy, Meta, Microsoft, Signal, Snap, Slack, and X (formerly Twitter). It explicitly referenced recently enacted foreign laws — including the European Digital Services Act, the UK’s Online Safety Act, and the Investigatory Powers Act — which are exerting mounting pressure on U.S. companies.
Ferguson reminded recipients that yielding to such demands could undermine data protection worldwide. He cited Apple’s recent experience in the United Kingdom, where the company was compelled to suspend end-to-end encryption for iCloud services under government pressure. Though this decision threatened global user security, the requirement was ultimately withdrawn after U.S. diplomatic intervention.
According to Ferguson, attempts by foreign governments to impose censorship or dismantle end-to-end encryption endanger the freedoms of American users, facilitate foreign surveillance, and increase the risks of identity theft and financial fraud. He also voiced concern that companies themselves might simplify compliance procedures and extend restrictions to U.S. citizens, even when foreign laws do not formally mandate such measures.
American firms, he emphasized, have binding legal obligations under Section 5 of the FTC Act (15 U.S.C. § 45). These obligations include providing truthful information about privacy and security practices, implementing reasonable safeguards for data protection — including end-to-end encryption — and disclosing any foreign demands that result in censorship or weakened protections.
The letter also recalled past enforcement actions in the field of encryption. In 2021, the FTC accused Zoom of misleading users with false claims about its end-to-end encryption, while in 2023 the agency held Ring accountable for failing to adequately protect users’ video streams.
Ferguson concluded his letter with an invitation for company representatives to meet with him on August 28, 2025, to discuss foreign regulatory pressures and explore solutions that would preserve data security without compromise.
