187

Lawsuit Alleges That WhatsApp Has No End-to-End Encryption (it.slashdot.org)

submitted 1 day ago by BeatTakeshi@lemmy.world to c/privacy@lemmy.ml

13 comments fedilink hide all child comments

To the surprise of no one...

top 13 comments

sorted by: hot top controversial new old

[-] PierceTheBubble@lemmy.ml 9 points 18 hours ago* (last edited 18 hours ago)

E2EE isn’t really relevant, when the “ends” have the functionality, to share data with Meta directly: as “reports”, “customer support”, “assistance” (Meta AI); where a UI element is the separation.

Edit: it turns out cloud backups aren’t E2E encrypted by default… meaning: any backup data, which passes through Meta’s servers, to the cloud providers (like iCloud or Google Account), is unobscured to Meta; unless E2EE is explicitly enabled. And even then, WhatsApp’s privacy policy states: “if you use a data backup service integrated with our Services (like iCloud or Google Account), they will receive information you share with them, such as your WhatsApp messages.” So the encryption happens on the server side, meaning: Apple and Google still have full access to the content. It doesn’t matter if you, personally, refuse to use the “feature”: if the other end does, your interactions will be included in their backups.

Cross-posting my comment from the cross-posted post

[-] SapphironZA@sh.itjust.works 49 points 1 day ago

[-] mudkip@lemdro.id 4 points 22 hours ago

Thanks, I'm saving that.

[-] reabsorbthelight@lemmy.world 58 points 1 day ago

"Your honor, end to end encryption is a marketing term that we have trademarked and we would like to counter sue anyone using it"

[-] pHr34kY@lemmy.world 30 points 1 day ago

It'a still end-to-end encryption when they have backdoored both ends.

[-] FatVegan@leminal.space 1 points 2 hours ago

Why is it called a one way street when you can drive both ways?

[-] autonomoususer@lemmy.world 25 points 1 day ago

Correct, WhatsApp fails to include a libre software license text file. We do not control it. So, it has never been secure.

[-] ChaoticNeutralCzech@feddit.org 17 points 1 day ago* (last edited 1 day ago)

Being FOSS is not a prerequisite of E2EE but a prerequisite of knowing it's E2EE for sure. Like, I can give you a black box that prints PGP key pairs and says "includes RPGP, MIT-licensed PGP library" but you can't trust that the machine doesn't use modified, low-entropy RNG or exfiltrate the results. The communication you do with these PGP keys is technically E2EE − a third party server relaying your messages will not be able to read them, unless I provide them with the potentially not-so-secret "random" data my box generated.

But you're right: if my black boxes are also used to encrypt/decrypt the messages with "your" keys (made by them) and I run a non-transparent ssrvice that delivers the messages, there is a case for not calling it E2EE.

[-] sun_is_ra@sh.itjust.works 11 points 1 day ago

Is that new? I remember reading about this years ago.

yes communication is encrypted end to end which means no one could evedrop but once the information arrive to your app and get saved to your device there is nothing preventing whatsapp from sending to its parent company,

E2E encryption doesnt mean whatsapp is trustworthy

[-] Rose@lemmy.zip 1 points 10 hours ago* (last edited 8 hours ago)

[deleted]

[-] tjoa@feddit.org 12 points 1 day ago

I don’t know if they still do it but they actively gaslight you into believing you have e2e even with peers you have not scanned the public key of.

[-] unknowing8343@discuss.tchncs.de 10 points 1 day ago

I get your point but E2E is independent from public key validation. Public key validation is basically being a bit more slightly sure that the E2E communication happens with who you think, although... It's never a guarantee. Keys can be stolen.

[-] elvith@feddit.org 4 points 1 day ago

Stolen? That's a harsh term. We prefer "backed up to our cloud for your security"!

this post was submitted on 28 Jan 2026

187 points (99.5% liked)

Privacy

45016 readers

1081 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 6 years ago

MODERATORS