Musk says WhatsApp 'not secure' amid lawsuit over end-to-end encryption
What's the story
A group of international WhatsApp users has filed a lawsuit against Meta, the parent company of the popular messaging app. The plaintiffs allege that despite the presence of end-to-end encryption, Meta can access their private messages. The lawsuit was filed in a San Francisco court on January 23 and describes the encryption feature as a "sham."
Accusations
Plaintiffs allege Meta employees can bypass encryption
The lawsuit, as reported by Bloomberg, involves plaintiffs from Australia, South Africa, Mexico, Brazil, and India. It claims that WhatsApp and Meta employees can bypass the app's end-to-end encryption to read users' messages. The plaintiffs say a worker just has to send a "task" to a Meta engineer explaining why they need access to WhatsApp messages for this purpose.
Rebuttal
Meta denies allegations, calls them 'false and absurd'
Responding to the lawsuit, a Meta spokesperson called the claims "false and absurd." They reiterated that WhatsApp's end-to-end encryption is designed to ensure messages are only accessible by the sender and recipient. The encryption keys remain on users' devices, making it impossible for Meta or anyone else to decrypt them.
Musk's input
Elon Musk weighs in on WhatsApp's security
SpaceX CEO Elon Musk also weighed in on the lawsuit, saying "WhatsApp is not secure." He added that "even Signal is questionable," and urged users to switch to his platform, X Chat. The new messaging service comes with end-to-end encryption, advanced message controls, and a unified inbox combining legacy DMs with the new Chat function.
Past issues
Meta's history of privacy-related lawsuits and controversies
This isn't the first time Meta has faced a privacy-related lawsuit. In September last year, its former head of security Attaullah Baig sued the company over "systemic cybersecurity failures" in WhatsApp. He claimed that around 1,500 WhatsApp engineers had unrestricted access to user data including sensitive personal information which they could move or steal without detection or audit trail.