The Federal Trade Commission (FTC) is warning major U.S. tech companies against yielding to foreign government demands that weaken data security, compromise encryption, or impose censorship on their platforms.
FTC Chairman Andrew N. Ferguson signed the letter sent to large American companies like Akamai, Alphabet (Google), Amazon, Apple, Cloudflare, Discord, GoDaddy, Meta, Microsoft, Signal, Snap, Slack, and X (Twitter).
Ferguson stresses that weakening data security at the request of foreign governments, especially if they don't alert users about it, would constitute a violation of the FTC Act and expose companies to legal consequences.
Ferguson's letter specifically cites foreign laws such as the EU's Digital Services Act and the UK's Online Safety and Investigatory Powers Acts.
Earlier this year, Apple was forced to remove support for iCloud end-to-end encryption in the United Kingdom rather than give in to demands to add a backdoor for the government to access encrypted accounts.
The UK's demand would have weakened Apple's encryption globally, but it was retracted earlier this week following U.S. diplomatic pressure.
The FTC's letter to tech companies warns that the new laws created by foreign governments undermine American users' freedom to access uncensored information and enjoy data security.
"I am concerned that these actions by foreign powers to impose censorship and weaken end-to-end encryption will erode Americans' freedoms and subject them to myriad harms, such as surveillance by foreign governments and an increased risk of identity theft and fraud," writes Ferguson.
"I am also concerned that companies such as your own might attempt to simplify compliance with the laws, demands, or expected demands of foreign governments by censoring Americans or subjecting them to increased foreign surveillance even when the foreign government's requests do not technically require that."
Ferguson underlines that U.S. firms have, above everything else, and foremost, legal obligations relating to the FTC Act (Section 5, 15 U.S.C. § 45), which prohibits unfair or deceptive acts or practices in commerce.
This legal context requires truthful data security and privacy representations, implementation of reasonable data security measures (including end-to-end encryption), and disclosure obligations when foreign entities submit content censorship or security degradation demands.
The FTC letter explicitly cites prior enforcement cases concerning the mentioned obligations, including against Zoom Video Communications in 2021 for deceptive marketing of its end-to-end encryption and Ring in 2023 for failure to encrypt customers' video feeds.
The letter closes with an invitation to the recipients to meet with Ferguson on August 28, 2025, to discuss foreign regulatory pressure and how they can navigate it without compromising customer data security.
Automated Pentesting Covers Only 1 of 6 Surfaces.
Automated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the other.
This whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic questions for any tool evaluation.
Comments
wpontius - 7 months ago
But our own Government and Law Enforcement continue to push for back doors to encryption domestically. The danger is the same!
EndangeredPootisBird - 7 months ago
Free markets are great, except when other countries and foreign companies outcompete you.
Liberty is great, except when women have control over their own bodies or gay people can marry.
Data collection is great, except when other countries are also doing it.
It's always the same double standards.
ThomasMann - 7 months ago
Good comments! Thank you both! Let me add one more:
This article misses two points. First one is the use of "foreign", which is a laugh. At least they have some control over what is done and what not, and some of them at least have institutions can prevent certain excesses. In the US it is ONLY a question of power. Abuse of power is the NORMAL! It is the one value that has ruled in America since the first european massmurderers arrived 400 years ago !
The second little fact that is forgotten here all too often is, that Bill (who does great work very often!) misses the point. He asks those, the Gates & Altmans & rest of the digital CEOs, who basically invented "profit maximising at ALL cost", not to do something, that they have shown they will do without any exception when it comes to any extra buck. What to say extra Billions... Remember what happened when some halfway decent people tried to get rid of Altman?
What the digital world needs to understand, and understand very fast, is that everything that can be done, will be done. Depending exclusivly on the power to do available to those who want it.
That trend is inevitable and irreversable. NEVER forget that!
JustAnotherEndUser - 7 months ago
The hypocrisy is astounding, on one hand refusing to weaken encryption under foreign pressure, yet on the other demanding unrestricted access to our data without question.
There is NO difference between the two.
Wannabetech1 - 7 months ago
I agree, but did you complain when "the other side" was in power?