Meta and WhatsApp maintain that all personal messages are protected by end-to-end encryption (E2EE) using the Signal Protocol, strongly denying any backdoors or access to user communications. The company has actively fought lawsuits alleging otherwise.
The debate intensified after a global class-action lawsuit in the US accused Meta of misleading users. Investigations were eventually closed without substantiating the claims. WhatsApp insists encryption keys remain solely on user devices, making message interception mathematically impossible.
However, critics highlight important limitations. Cloud backups to Google Drive or iCloud are often unencrypted unless users manually enable the optional end-to-end encrypted backup feature. WhatsApp also collects extensive metadata, including contact patterns, IP addresses, and timing data. Additionally, messages can be decrypted and reviewed when users manually report chats for abuse.
Telegram CEO Pavel Durov has aggressively criticized WhatsApp, calling its E2EE claims “the biggest consumer fraud in history.” In an April 9, 2026 post, he claimed that approximately 95% of WhatsApp messages end up as plain-text backups on Apple and Google servers. Durov argues that even if one user enables encrypted backups, conversations remain vulnerable if their contacts do not.
Meta has rejected Durov’s accusations as “absurd,” reaffirming the strength of its core messaging encryption. The public feud has sparked broader discussions on platform trust, with figures like Elon Musk also questioning WhatsApp’s reliability. Cybersecurity experts note that Telegram itself does not enable E2EE by default for standard chats.
While both platforms offer strong in-transit protection, user behavior around backups and features remains a key factor in overall privacy.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
