Texas Attorney General Sues Meta Over WhatsApp Encryption Claims

Summary

The Texas Attorney General filed a lawsuit against Meta on Thursday, alleging that the company has misled users for over a decade about WhatsApp's end-to-end encryption (E2EE) capabilities. According to the complaint, Meta has repeatedly claimed since 2016—including in sworn testimony before Congress in 2018—that WhatsApp messages are fully encrypted and inaccessible to the company. However, the Texas AG argues that Meta can and does access plaintext messages, contradicting its public promises to over 3 billion WhatsApp users.

The lawsuit relies primarily on a Bloomberg article published last month, which reported that the U.S. Commerce Department's Bureau of Industry and Security had abruptly closed an investigation into Meta's alleged ability to decrypt WhatsApp messages. The article cited an internal email stating that "there is no limit to the type of WhatsApp message that can be viewed by Meta." The Texas AG filing argues that Meta's deception caused users to believe their communications were private when they were not.

Meta called the allegations "baseless" and pledged to fight the lawsuit in court. However, encryption experts and technologists have raised significant concerns about the lawsuit's evidentiary foundation, noting that a proper reverse engineering of WhatsApp would likely reveal any encryption bypasses. A 2023 technical analysis by researchers found WhatsApp generally secure and functioning as described, though they identified one design flaw involving group chat administration.

• The case centers on whether Meta can access plaintext WhatsApp messages, contradicting the company's public claims about E2EE protection