A proposed class action lawsuit has accused Meta Platforms of allowing employees, contractors, and third parties to access private messages on WhatsApp, despite marketing the service as fully private and end-to-end encrypted.
The 52-page complaint claims that although WhatsApp promotes its platform as one where only the sender and recipient can read messages, internal staff, Ireland-based firm Accenture, and possibly other third parties could access communications through a “backdoor” in the app’s source code.
According to the filing, this alleged backdoor allows Meta and WhatsApp personnel, along with contractors, to bypass encryption and view user messages. While the access is reportedly used to review content flagged for fraud or policy violations, the lawsuit states that these groups still have broad access to user communications.
The complaint further alleges that users are not informed or asked for consent regarding their messages being intercepted, read, stored, or accessed. It adds that WhatsApp’s privacy policy states messages are typically stored on users’ devices and not retained on company servers.
The lawsuit cites whistleblower reports submitted to federal investigators, claiming that Meta employees, WhatsApp staff, and third-party contractors were able to access user messages. These reports have reportedly led to an investigation by special agents with the US Department of Commerce.
The complaint also notes that WhatsApp partnered with Open Whisper Systems to implement the Signal Protocol, which is widely understood to ensure that messages remain inaccessible to anyone other than intended recipients. However, the filing alleges that Meta does not make its source code public, preventing independent verification of whether such a backdoor exists.
The case argues that WhatsApp’s ability to comply with government requests in countries such as India and the United Kingdom suggests the presence of a mechanism to access encrypted messages.
It also claims that around 2021 or 2022, WhatsApp employed hundreds of Accenture contractors globally to review and moderate message content. According to the filing, flagged messages, including several days of conversations, were made available to reviewers along with usernames and profile details.
The lawsuit states that since its launch in 2009, WhatsApp has consistently marketed itself as a secure messaging platform, emphasizing that messages are protected with encryption and not accessible to the company.
It further claims that Meta CEO Mark Zuckerberg has publicly stated that WhatsApp does not keep logs of user communications. The complaint argues that these assurances contradict the alleged practices described in the filing.
The case seeks to represent all WhatsApp users in the United States who sent or received messages on the platform between April 5, 2016, and the present.
Typically, users do not need to take action to join a class action lawsuit at the filing stage. If the case results in a settlement, eligible users are usually notified with further instructions.
The lawsuit has sparked reactions from prominent figures. Elon Musk commented on X that WhatsApp cannot be trusted, referencing reports about the case.
In response, WhatsApp stated that the allegations are false and said its platform has relied on end-to-end encryption using the Signal Protocol for years, ensuring that only senders and recipients can access messages.
Pavel Durov also criticized WhatsApp, alleging that the platform misleads users about its security and claiming it reads messages and shares them with third parties. He added that Telegram does not engage in such practices.
Meta did not immediately respond to a request for comment from Benzinga.
The report also notes that a similar lawsuit filed earlier this year accused Meta of misrepresenting WhatsApp’s encryption practices, which the company previously denied.
Shares of Meta Platforms rose 2.61% to close at $628.39 on Thursday and increased a further 0.099% to $629.01 in after-hours trading, according to Benzinga Pro.