/images/ppid_59c68470-image-176951262772970127.webp)
/images/ppid_a911dc6a-image-176950906147540556.webp)
/images/ppid_a911dc6a-image-176950913705868196.webp)
/images/ppid_a911dc6a-image-176950903061117061.webp)
Filed in the US District Court for the Northern District of California, the lawsuit challenges Meta’s core privacy pitch — that E2EE prevents anyone, including WhatsApp itself, from reading user messages.
According to Bloomberg, the plaintiffs argue Meta’s assurances are “false and misleading,” alleging WhatsApp can still “store, analyse, and access virtually all” communication on the platform.
Representing users across India, Brazil, Australia, Mexico, and South Africa, the suit further claims Meta retains the technical capability to decrypt and review message content for internal monitoring and data analysis.
Meta has dismissed the lawsuit as “frivolous” and “absurd.” Company spokesperson Andy Stone said Meta would seek legal sanctions against the plaintiffs’ counsel.
The sharp pushback underscores how central E2EE is to WhatsApp’s brand — a promise that only senders and recipients, not even the platform itself, can read their messages.
Global policy fight over encryption
WhatsApp is simultaneously battling regulatory pressure in Europe, where emerging child‑safety rules could force messaging apps to weaken
E2EE.
Europe is advancing a sweeping proposal to combat child sexual abuse (CSA), including measures that would let platforms detect, report, and remove material inside private messaging — a move that would require client-side or server-side scanning of encrypted conversations.
The EU Regulation to Prevent and Combat Child Sexual Abuse — widely dubbed “Chat Control” — aims to give legal grounds for scanning encrypted channels.
A May 2022 European Commission proposal set risk‑assessment duties for providers. Later Council positions went further, making voluntary detection permanent beyond the April 2026 ePrivacy derogation deadline and categorising services into risk tiers for possible mandatory scans.
Encryption-heavy platforms like WhatsApp and Signal argue these frameworks effectively break E2EE by introducing third‑party access points and widening the surveillance surface for more than 2 billion users.
The background of privacy breach allegations
The legal battle lands amid a background of recurring privacy and data-sharing disputes involving Meta and WhatsApp.
In September 2025, former WhatsApp security head Attaullah Baig alleged roughly 1,500 engineers had unaudited data access in violation of FTC terms, triggering retaliation claims.
Regulators have also intervened. In November 2024, India’s CCI fined WhatsApp $25.4M and blocked data sharing with Meta’s apps for five years.
In July 2024, São Paulo prosecutors sought $311M over forced cross-platform sharing. In May 2025, Meta won $168M from NSO Group over spyware breaches.
These actions mirror GDPR-linked penalties and ongoing EU probes, with Meta consistently denying any breach of encryption.
/images/ppid_a911dc6a-image-17695104300939661.webp)
/images/ppid_59c68470-image-176951003508285162.webp)
![[WATCH] MS Dhoni spotted in nets to prepare for IPL 2026 with CSK](https://glance-mob.glance-cdn.com/public/cardpress/binge-magazine-card-generation/spaces/IN/en/crictracker-spaces/images/ppid_49c02804-image-176951003243725950.webp)
/images/ppid_59c68470-image-176951002991248536.webp)
/images/ppid_59c68470-image-176951003050039966.webp)
