[zarzavat]

Yes but National Security Letters make that pointless. You can't encrypt away a legal obligation. The point of e2ee is that a provider can say to the feds "this is all the information we have", and removing the e2ee would be noticed by security researchers.

If the provider controls one of the ends then the feds can instruct them to tap that end and nobody is any the wiser.

The best you can do is either to run the inference in an outside jurisdiction (hard for large scale AI), or to attempt a warrant canary.

[monerozcash]

> Yes but National Security Letters make that pointless

It seems ridiculous to use the term "national security letter" as opposed to "subpoena" in this context, there is no relevant distinction between the two when it comes to this subject. A pointless distraction.

> You can't encrypt away a legal obligation.

Of course you can't. But a subpoena (or a NSL, which is a subpoena) can only mandate you to provide information which you have within your control. It can not mandate you to procure information which you do not have within your control.

If you implement e2ee, customer chats are not within your control. There is no way to breach that with a subpoena. A subpoena can not force you to implement a backdoor or disable e2ee.

[zarzavat]

I believe we are in agreement. If you are a communication platform that implements e2ee then you provide the guarantee to users, backed by security researchers, that the government can't read their communications by getting a subpoena from the communication platform.

The problem with AI platforms is that they are also a party to the communication, therefore they can indeed be forced to reveal chats, and therefore it's not e2ee because defining e2ee that way would render the term without distinction.

[monerozcash]

It's possible to produce a technical solution to this using tools like SGX.