US probes allegation Meta can access WhatsApp chats

US officials have looked into allegations that Meta is capable of accessing supposedly private, end-to-end encrypted messages sent via its WhatsApp service, according to media reports, though both the company and government sources strongly dispute the claim.

The scrutiny follows a recent lawsuit accusing Meta of being able to read “virtually all” WhatsApp communications despite the platform’s promise of end-to-end encryption. Meta rejected the accusation outright, describing it as “categorically false and absurd” in comments reported by Bloomberg.

Meta also argued that the case appears intended to support the interests of NSO Group, the Israeli spyware maker behind Pegasus. NSO recently lost a major legal battle after WhatsApp sued it for exploiting the service to target more than 1,400 users, including activists and journalists. A US federal court ordered NSO to pay $167m in damages for breaching WhatsApp’s terms of service.

The new lawsuit was filed by the law firm Quinn Emanuel Urquhart & Sullivan, which says its claims are based on information from unnamed whistleblowers in several countries. The firm is also representing NSO in its appeal against the earlier judgment, a connection Meta says undermines the credibility of the new case.

Meta spokesperson Carl Woog said the company is seeking sanctions against the law firm, calling the lawsuit a publicity stunt. In response, Quinn Emanuel partner Adam Wolfson said the case is based on independently obtained facts and argued that Meta’s public denials avoid directly addressing whether the company has the technical ability to read messages.

Security experts are sceptical of the whistleblowers’ claims. Steven Murdoch of University College London said the allegations are difficult to assess without knowing more about the sources. He added that if WhatsApp were secretly accessing message content, it would likely have been exposed internally, given how hard it is to keep such a practice hidden inside a large company.

Reports also suggested that officials within the US Department of Commerce had examined whether Meta could read WhatsApp messages. However, a department spokesperson dismissed those suggestions as unsubstantiated.

WhatsApp maintains that its end-to-end encryption means only the sender and recipient can read message content, with no readable copy available on company servers. This differs from services such as Telegram, where messages are encrypted in transit but can theoretically be decrypted by the company itself.

Even so, critics note that WhatsApp still gathers extensive metadata, such as contact lists and records of who communicates with whom and when. A senior technology executive told The Guardian that while metadata collection raises privacy concerns, the notion that WhatsApp could retroactively decrypt specific chats contradicts the mathematics underlying end-to-end encryption.

Meta insists its encryption system remains secure and says it will continue to defend users’ right to private communication against what it calls misleading and meritless claims.