On August 21, 2025, the Federal Trade Commission Chairman (FTC), Andrew N. Fergerson, sent out letters to over 13 major U.S. tech companies. The aim of the letter was to give warning that caving to overseas pressures could land them in hot water under American law.
Let’s take a look at the core issue that triggered such a response from the FTC and why it matters.
The Trigger
To understand the full picture of what led to the FTC’s response, we have to understand the leading factor. Now, it all starts with digital laws passed by the European Union and the UK.
- The EU Digital Service Act (DSA): this statute requires big tech to tackle “illegal and harmful” content. The purpose of the law is to make online services more accountable for illegal content and systemic risks like misinformation. Congress passed the law in 2023, and it took full effect in February 2024.
- The UK government enacted the Online Safety Act (OSA)to mandate content moderation and potential scanning of private messages. A contentious part of the law is a provision that could require platforms, including those with end-to-end encryption, to scan for child sexual abuse material.
- The UK’s Investigatory Powers Act (IPA): the Investigatory Powers Act 2016, also called the “Snooper’s Charter.” It gives the UK authorities powers to demand a backdoor into encryption.
A controversial part of this law is the provision it provides for the Home Secretary to issue “Technical Capability Notices.” Which means telecommunications and internet companies can be required to intercept communications, which could include the removal of electronic protection like encryption.
The key intercepting point for these three acts is the regulation of online content and the potential of a state-mandated weakening of encryption.
How These Acts Could Potentially Influence Companies in the US
All three acts have a global reach, not just on companies in the UK or EU. The DSA, OSA, and IPA apply to any platform that provides services to users in the EU regardless of where the company is based.
Apple and IPA
In January 2025, the UK’s Home Office issued a Technical Capability Notice (TCN) to Apple under the IPA. The request of the TCN was for Apple to grant access of its end-to-end encrypted iCloud backups to the authorities even if the person wasn’t a UK resident.
Apple vehemently disagreed, and the whole ordeal required the intervention of the US government. The US government viewed the UK’s demand as a direct threat to the privacy and civil liberties of American citizens.
Also under the Cloud Act neither the UK nor the US can force tech companies to hand over each other’s citizens’ data without proper legal process and oversight.
Eventually, in August 2025, the case was eventually dropped, and the UK withdrew its demand to Apple.
FTC’s Response
On August 21, 2025, Andrew N. Ferguson, chairman of the FTC, sent out letters to over 13 major tech companies that provide computing, data security, social media, messaging apps, and others.
Some of these companies included Akamai, Alphabet, Amazon, Apple, Cloudflare, Discord, GoDaddy, Meta, Microsoft, Reddit, Signal, Snap, Slack, and X.
The letters noted that while these companies might be pressured to censor and weaken data security protections for Americans due to acts like the IPA, OSA, and DSA, they are to comply with the FTC Act’s prohibition against unfair and deceptive practices in the marketplace.
One major act that totally breaches the FTC’s ACT is the adoption of a weaker security system by a company that promises consumers encrypted and secure online communications.
“I am concerned that these actions by foreign powers to impose censorship and weaken end-to-end encryption will erode America’s freedom and subject them to myriad harms, such as surveillance by foreign governments and increased risks of identity theft and fraud.” Ferguson wrote.
Final Thoughts
The IPA, OSA, and DSA acts from the EU and UK all stemmed from a place of security concern for their country. If fully enforced, it could play a big role in curbing sex crimes against children and other illicit activities.
However, it leaves a huge loophole that exposes upright citizens, as they won’t enjoy digital rights to privacy and will be left vulnerable.
