International Association
for Cryptologic Research

We raise concerns for end-to-end encryption (E2EE) security in light of the remarkable recent advances and explosion of interest in large language models and generative artificial intelligence (AI). Apple has already announced an initiative to feed E2EE messages into AI systems, and other major platforms may be considering similar efforts. Combining expertise across cryptography, AI, and law, we (1) examine a wide range of technical configurations that could fall under the broad umbrella of “feeding E2EE content to AI models,” taking into consideration the state of the art in cryptography, privacy technologies, and AI/ML, (2) assess these configurations’ technical compatibility with E2EE; (3) overview potentially relevant areas of law, and provide a detailed analysis of the circumstances under which E2EE service providers are likely to be able to offer AI features which use E2EE content; and (4) offer four key recommendations, which amount to a framework for how to think about offering AI features in E2EE systems.