WASHINGTON — President Donald Trump’s Federal Trade Commission is firing a warning shot at top tech companies, The Daily Wire can exclusively report, reminding major companies in a series of Monday letters of their obligation to protect American privacy even under pressure from foreign governments.
“President Trump has put a swift end to the weaponization of the federal government against Americans and their freedoms, but foreign governments present emerging and ongoing threats to the free exchange of ideas,” FTC Chairman Andrew Ferguson wrote in letters first obtained by The Daily Wire.
“Companies might be censoring Americans in response to the laws, demands, or expected demands of foreign powers,” Ferguson states. “And the anti-encryption policies of foreign governments might be causing companies to weaken data security measures and other technological means for Americans to vindicate their right to anonymous and private speech. Specifically, there have been numerous recent attempts by foreign governments to pressure your company to censor content or degrade security for users of your services.”
Letters were sent individually to tech giants including Meta, Microsoft, Alphabet, Amazon, and Apple, as well as eight other companies in the messaging, social media, and cloud storage or web hosting spaces.
The FTC commissioner reminded the companies that they have “independent obligations to American consumers” under Section 5 of the Federal Trade Commission Act, prohibiting “unfair or deceptive acts or practices in or affecting commerce.” A foreign government’s laws will not be taken as a valid excuse to break that obligation, the letter makes clear.
“As the nation’s consumer protection agency, the FTC has taken action for over two decades against companies that fail to keep their data security or privacy promises to consumers,” he says. “The Commission has steadfastly maintained that companies that collect, use, share, or transmit consumers’ personal data must employ reasonable security measures, including encryption of sensitive information, to protect such information from unauthorized access, use, or disclosure.”
Ferguson points to a number of recent examples: the European Union’s Digital Services Act, the United Kingdom’s Online Safety Act, and, most topically, the United Kingdom’s decision to drop demands that Apple allow “back door” access to customer data.
The European Union’s Digital Services Act incentivizes “tech companies to censor speech, including speech outside of Europe,” Ferguson says, while the United Kingdom’s Online Safety Act pushes online platforms to remove content they deem “illegal” in order to “protect” users. The United Kingdom had pushed for companies to weaken their encryption measures under its Investigatory Powers Act in order to enable its law enforcement to access data that was stored by users.
“I am concerned that these actions by foreign powers to impose censorship and weaken end-to-end encryption will erode Americans’ freedoms and subject them to myriad harms, such as surveillance by foreign governments and an increased risk of identity theft and fraud,” Ferguson wrote.
“I am also concerned that companies such as your own might attempt to simplify compliance with the laws, demands, or expected demands of foreign governments by censoring Americans or subjecting them to increased foreign surveillance even when the foreign government’s requests do not technically require that,” he added. “Indeed, foreign governments seeking to limit free expression or weaken data security in the United States might count on the fact that companies have an incentive to simplify their operations and legal compliance measures by applying uniform policies across jurisdictions.”
Companies that are promising users that their service is secure or encrypted but are not using appropriate end-to-end encryption may be deceiving consumers who “reasonably expect that level of confidentiality,” Ferguson wrote. And certain circumstances might require “reasonable security measures” — and failure to use these security measures might constitute unfair practice.
Ferguson says that companies who weaken encryption or other security measures at the direction of a foreign government may violate Section 5.
“If a company promises consumers that it encrypts or otherwise keeps secure online communications but adopts weaker security due to the actions of a foreign government, such conduct may deceive consumers who rightfully expect effective security, not the increased susceptibility to breach or intercept desired by a foreign power,” he added. “Consumers may be further deceived if companies fail to prominently disclose that weaker security measures were adopted due to the actions of a foreign government, information that might be material to a consumer’s decision to use a service.”
He also suggested it could be unfair practice to “weaken the security of Americans’ communications to placate foreign powers” that do not have the best interests of Americans at heart and may be trying to surveil Americans.
Other companies that received a letter on Thursday morning were Snap, Signal, X, Discord, Slack, Cloudflare, GoDaddy, and Akamai.
