The Federal Trade Commission (FTC) is warning major U.S. tech companies against yielding to foreign government demands that weaken data security, compromise encryption, or impose censorship on their platforms.
FTC Chairman Andrew N. Ferguson signed the letter sent to large American companies like Akamai, Alphabet (Google), Amazon, Apple, Cloudflare, Discord, GoDaddy, Meta, Microsoft, Signal, Snap, Slack, and X (Twitter).
Ferguson stresses that weakening data security at the request of foreign governments, especially if they don’t alert users about it, would constitute a violation of the FTC Act and expose companies to legal consequences.
Ferguson’s letter specifically cites foreign laws such as the EU’s Digital Services Act and the UK’s Online Safety and Investigatory Powers Acts.
Earlier this year, Apple was forced to remove support for iCloud end-to-end encryption in the United Kingdom rather than give in to demands to add a backdoor for the government to access encrypted accounts.
The UK’s demand would have weakened Apple’s encryption globally, but it was retracted earlier this week following U.S. diplomatic pressure.
The FTC’s letter to tech companies warns that the new laws created by foreign governments undermineAmerican users’ freedom to access uncensored information and enjoy data security.
“I am concerned that these actions by foreign powers to impose censorship and weaken end-to-end encryption will erode Americans’ freedoms and subject them to myriad harms, such as surveillance by foreign governments and an increased risk of identity theft and fraud,” writes Ferguson.
“I am also concerned that companies such as your own might attempt to simplify compliance with the laws, demands, or expected demands of foreign governments by censoring Americans or subjecting them to increased foreign surveillance even when the foreign government’s requests do not technically require that.”
Ferguson underlines that U.S. firms have, above everything else, and foremost, legal obligations relating to the FTC Act (Section 5, 15 U.S.C. § 45), which prohibits unfair or deceptive acts or practices in commerce.
This legal context requires truthful data security and privacy representations, implementation of reasonable data security measures (including end-to-end encryption), and disclosure obligations when foreign entities submit content censorship or security degradation demands.
The FTC letter explicitly cites prior enforcement cases concerning the mentioned obligations, including against Zoom Video Communications in 2021 for deceptive marketing of its end-to-end encryptionand Ring in 2023 for failure to encrypt customers’ video feeds.
The letter closes with an invitation to the recipients to meet with Ferguson on August 28, 2025, to discuss foreign regulatory pressure and how they can navigate it without compromising customer data security.
