The Texas Attorney General has filed a lawsuit against Meta, accusing the company of misleading users about the security of WhatsApp’s end-to-end encryption, a feature claimed to protect messages from being accessed by anyone, including Meta itself.
- Texas AG alleges WhatsApp’s encryption claims are false
- Meta denies allegations, calling the lawsuit baseless
- Encryption experts support WhatsApp’s current security
What happened
The Texas Attorney General initiated legal action against Meta, asserting that WhatsApp does not provide the end-to-end encryption it advertises. The complaint claims Meta can access the plaintext content of WhatsApp messages, contrary to long-standing assurances. These claims refer to a Bloomberg report citing a closed federal investigation that questioned Meta’s handling of encrypted messages.
Meta, which has emphasized since 2016 that WhatsApp messages are fully encrypted using the Signal protocol, maintains that it cannot read message content. The company disputes the lawsuit’s allegations and plans to contest them in court. The complaint also references internal message reporting processes but lacks direct evidence beyond the media report.
Why it matters
WhatsApp is one of the world’s most widely used messaging apps, and its end-to-end encryption has been a cornerstone of user privacy promises. If Meta’s claims about encryption integrity were invalidated, it could undermine trust in the platform and raise broader concerns about data security on large tech services.
The case highlights ongoing tensions between user privacy, corporate assurances, and regulatory scrutiny. Encryption experts who have analyzed WhatsApp’s security generally affirm that the app fulfills its privacy promises, calling the lawsuit’s evidence into question. However, the dispute also underscores the challenges regulators face in verifying claims of security technology in complex digital environments.
What to watch next
Legal proceedings will determine whether the Texas Attorney General can substantiate the allegations that WhatsApp’s encryption claims are misleading. Meta’s response and the court’s rulings may set important precedents for how encryption promises are regulated and disclosed to users in the US and beyond.
Meanwhile, cybersecurity researchers and privacy advocates will continue to monitor the situation closely. Independent assessments and potential technological audits could influence public perceptions and guide future policy discussions around encryption, user privacy, and platform accountability.