Two billion people have a quiet agreement with WhatsApp. The app states it plainly before every conversation: messages are end-to-end encrypted, meaning only the sender and recipient can read them — not governments, not hackers, not even WhatsApp. Most people take that at face value. It sounds like a complete privacy guarantee. For most practical purposes, it is. But "most practical purposes" and "all practical purposes" are different things, and that difference is now the subject of a lawsuit.
On May 21, Texas Attorney General Ken Paxton filed suit against Meta and WhatsApp under the Texas Deceptive Trade Practices Act, alleging the companies misled users about the scope of their privacy protections. The complaint seeks a permanent injunction and up to $10,000 per violation. Meta's response was categorical: "WhatsApp cannot access people's encrypted communications and any suggestion to the contrary is false."
Here's what makes this genuinely complicated: both of those things can be simultaneously true. You can have real encryption protecting messages in transit and still have a privacy profile that doesn't match what the marketing implies. Working out why requires being precise about what WhatsApp's encryption actually covers — and honest about what it doesn't.
WhatsApp uses a cryptographic standard called the Signal Protocol — the same open-source protocol used by the Signal app itself — for message encryption. The underlying math is solid. It uses the Double Ratchet algorithm for forward secrecy, Curve25519 for key exchange, AES-256 for message encryption, and HMAC-SHA256 for authentication. These aren't obscure or experimental choices. Researchers from Oxford, Queensland University of Technology, and McMaster University formally analyzed the protocol in 2016 and found it cryptographically sound. When you send a message, it is encrypted on your device before it leaves. It is decrypted only on the recipient's device. The encryption in transit is real.
The Signal Protocol is not the problem. The problem is everything built around it.
The most significant gap is in backup behavior, and it's entirely self-inflicted by how the product shipped. By default, when Android users back up WhatsApp to Google Drive or iOS users back up to iCloud, those backups are not protected by end-to-end encryption (the process that keeps messages readable only to sender and recipient). The option to encrypt your backup exists — WhatsApp introduced it in 2021, built on a hardware security module-based key vault system — but it's disabled by default and buried several layers deep in settings. Most users have never touched it. The practical consequence is that the same message content protected in transit can be sitting in a cloud backup with no equivalent protection. This has been a known law enforcement access vector for years. Obtaining unencrypted WhatsApp backups from cloud providers is one of the more reliable routes to message content precisely because the encryption that protects messages in motion doesn't automatically follow them into storage. The engineering on the encrypted backup option is solid. Shipping it as opt-in rather than opt-out is the choice that created the expsoure.
Then there's metadata. WhatsApp's encryption protects message content — what you said. It does not protect metadata — data about your communication. WhatsApp's own privacy policy describes what is collected: usage logs including when you last used the service and which features you used, device and connection information including hardware model, operating system, app version, IP address, and mobile network details, and general location inferred from IP address and phone settings. All of it cross-refrenceable with other Meta services.
"We kill people based on metadata." — General Michael Hayden, former director of both the NSA and the CIA, at a Johns Hopkins debate, 2014.
That quote sounds extreme until you consider what metadata actually reveals. Who you contact, at what hour, from what location, and how often tells a detailed story even when the content of those communications is never read. Calling a messaging platform "encrypted" while it generates this volume of behavioral telemetry is technically defensible. It just isn't the same as private.
The third issue needs careful framing because it's easy to state inaccurately. The Signal Protocol library that WhatsApp uses is open source. It has been publicly reviewed and formally analyzed. The protocol itself is trustworthy. What is not open to independent verification is WhatsApp's complete implementation of that protocol — the app code, the server-side infrastructure, the key management systems. Independent security researchers can analyze the published whitepaper and reverse-engineer traffic patterns, but they cannot audit whether the implementation matches the protocol's guarantees in every respect, whether server-side behaviors create any exceptions, or whether the trust model in the documentation reflects what the system actually does. The Electronic Frontier Foundation notes this directly: WhatsApp's "closed-source nature makes it difficult for outside experts to confirm that the company has implemented their encryption in a secure way." The uncertainty isn't about the cryptography. It's about whether the platform built around it does what it says, with no external check.
Then there's the Commerce Department investigation, which is where this gets harder to report cleanly.
In April 2026, Bloomberg reported on a ten-month federal investigation inside the Commerce Department's Bureau of Industry and Security (BIS), the agency responsible for export controls and certain technology enforcement. According to Bloomberg — which reviewed and authenticated the relevant correspondence with multiple recipients — a BIS special agent circulated a January 16, 2026 email to more than a dozen federal officials summarizing his findings. The agent wrote that Meta "stores and can view WhatsApp messages" and that "there is no limit to the type of WhatsApp message that can be viewed by Meta." He described a "tiered permissions system" in place since at least 2019, with access reportedly extending to employees, contractors, and a significant number of overseas workers. Bloomberg also reported that two individuals who performed content moderation work under contract with Accenture told investigators they had broad access to WhatsApp messages.
Bloomberg explicitly stated it had not independently confirmed the agent's underlying claims. The email represented preliminary conclusions, not a formal finding. Shortly after it circulated, BIS publicly disavowed the probe and stated it was not investigating Meta or WhatsApp for export law violations. No public explanation was given for why a ten-month investigation was shut down immediately after the agent tried to coordinate with other agencies. Meta denies everything: "What these individuals claim is not possible because WhatsApp, its employees, and its contractors cannot access people's encrypted communications."
The agent's conclusions aren't proven fact — Bloomberg said so itself. What can be said accurately is that a federal investigator spent ten months on this, reached preliminary conclusions that directly contradict Meta's marketing, and the investigation was closed before any of it was formally tested or disputed on the record. That's not a verdict. It's a question that didn't get answered.
The Bloomberg reporting on Accenture contractors is worth being careful about though, because the Paxton lawsuit treats it as evidence of systemic encryption failure and that's not quite right. Every major messaging platform operating at scale has an abuse reporting mechanism. When a user reports a message on WhatsApp, the platform receives that message plus the four preceding it — five total, including any images or video — along with associated metadata. Human reviewers, typically contractors, evaluate the flagged content against platform policy. Meta acknowledges this. It's been independently confirmed by ProPublica through interviews with former engineers and reviewers. If Accenture contractors described accessing WhatsApp messages through content moderation workflows, that access is consistent with a documented, disclosed mechanism. That's not end-to-end encryption failing. It's a consent model that most users don't understand, and there's a real problem in that gap. But it's a different problem than a backdoor.
The open question the investigation didn't resolve is whether that access was strictly bounded to reported content, or whether the permissions system the agent described went further. That's the distinction that matters — between a moderation workflow and something else — and the available evidence doesn't settle it.
For anyone making decisions about communication security for environments where confidentiality is a real requirement — legal teams, executive communications, incident response, anything with regulatory sensitivity — the WhatsApp risk profile is now specific enough to state clearly. The Signal Protocol governing message transmission is well-reviewed and there is no credible technical evidence it's broken. Everything surrounding that protocol is a different conversation. Default backup behavior that routes message content through cloud storage without equivalent protection. Metadata collection at a scale that is disclosed but rarely understood. A closed implementation that can't be independently audited. And a set of internal access questions that a ten-month federal investigation didn't resolve.
The comparison worth making isn't a brand preference — it's architecture. Signal uses the same underlying cryptographic protocol. The entire Signal codebase, including server-side components, is publicly available and has been independently reviewed. Signal has disclosed in legal-process responses that it can provide only an account's creation date and the date of its most recent connection to Signal's servers — and because the code is open, those claims can be verified rather than taken on trust. No advertising business model creating incentives to expand data collection. The security properties Signal claims are independently verifiable. WhatsApp's cannot.
Whether Paxton wins this case is, honestly, beside the point for anyone thinking about security architecture. Courts interpret consumer protection statutes — they don't produce cryptographic audits. Worth noting the filing landed while Paxton pursues the Republican nomination for U.S. Senate in a heated runoff — his office has run a sustanied enforcement campaign against major technology companies, with prior settlements from Meta over biometric data collection and from Google over tracking practices, and active cases against Netflix, Snapchat, and TikTok. Whether this particular filing is principled enforcement or political timing, the technical questions it raises were already there.
When a messaging platform markets itself as encrypted and private, does that label need to cover the default backup behavior, the metadata collection, the unauditable implementation, and the unresolved internal access questions? Or does "encrypted" just mean the cryptographic protocol governing message transit is sound?
A lot of people making decisions right now are assuming the first. WhatsApp's technical architecture delivers the second.
That gap — between the mental model and the actual system — is the real problem. And it'll still be there when this case is over.
Originally published at blog.vertexops.org.