US probes claims Meta staff accessed WhatsApp messages
What's the story
The US Department of Commerce is investigating allegations that Meta employees can access WhatsApp messages, despite the company's claims of end-to-end encryption. The probe was launched after former Meta contractors claimed they had "unfettered" access to these messages. The investigation specifically examines the claims of access to messages, challenging the advertised security of WhatsApp's encryption practices.
Encryption claims
Allegations contradict Meta's public stance on WhatsApp
The allegations against Meta contradict its public stance on WhatsApp, which it markets as a private app with default "end-to-end" encryption. The company has always maintained that no one outside of the chat, not even WhatsApp itself, can read or listen to what a user says. This claim has been made in its advertising and communication with governments seeking access to information on crimes.
Company response
Meta denies allegations, shares drop in extended trading
Meta has denied the allegations made by the former contractors, with a spokesperson saying that what they claim is not possible. "WhatsApp, its employees, and its contractors cannot access people's encrypted communications," said Andy Stone. Following these claims and the ongoing investigation, Meta's shares dropped about 1% in extended trading.
Access claims
Content moderators allege broad access to WhatsApp messages
Two former content moderators for WhatsApp, who worked through Accenture Plc, told an investigator that some Meta staff had access to WhatsApp messages. They also claimed they and their colleagues had broad access to these supposedly encrypted and inaccessible messages. One of the moderators said she spoke with a Facebook team employee who confirmed they could go back into WhatsApp (encrypted) messages for criminal cases.
Inquiry status
Investigation ongoing, current status unclear
The investigation, dubbed "Operation Sourced Encryption," is still active. However, its current status and potential targets remain unclear. Many investigations end without any formal allegations of wrongdoing. A Bureau of Industry and Security spokesperson said the employee's claims about WhatsApp encryption practices are unsubstantiated and outside his authority as an export enforcement agent.
Past issues
Meta's history of privacy-related issues and current stance
Meta has been accused of violating user privacy rules in the past, including several data and privacy breaches that resulted in a record $5 billion fine by the US Federal Trade Commission (FTC) in 2019. However, these violations did not involve WhatsApp. The company has since appointed a chief privacy officer and promotes end-to-end encryption as part of its commitment to user privacy.
Policy clarification
WhatsApp's policy on message access and lawsuit
WhatsApp has clarified that it does allow some message information to be seen by the company in certain cases, like when a user reports a problematic message. However, former contractors alleged broader access than what WhatsApp admits. The allegations are similar to those made in a lawsuit filed by an international group of plaintiffs on January 23 in US District Court in San Francisco.