Meta is under scrutiny in the United States after a legal complaint and federal inquiry raised questions over whether WhatsApp’s end-to-end encryption fully prevents internal access to private user messages, as the company has long claimed.
For more than a decade, WhatsApp has positioned end-to-end encryption as the foundation of its privacy promise, assuring users that only senders and recipients can read their messages. That assurance is now facing renewed legal and regulatory examination in the United States.
A civil complaint filed against Meta Platforms alleges that the company overstated the privacy protections offered by WhatsApp, potentially misleading users about the extent to which their communications were shielded from internal access. The case has drawn attention following reports that US authorities reviewed claims from former contractors who said message content was accessible despite encryption safeguards.
While no criminal charges have been filed, the allegations strike at one of WhatsApp’s most central claims—that encrypted conversations are entirely beyond the reach of Meta, its employees, or third parties.
Federal inquiry and conflicting accounts
According to public reports, investigators from the US Department of Commerce examined statements from former content moderators who worked on Meta projects through a third-party services firm. The contractors alleged that they, along with some Meta staff, could view WhatsApp message content during moderation and review processes.
Internal investigation notes cited in media reports suggest that multiple individuals independently described similar access, prompting further examination by federal officials. The inquiry reportedly remained active into early 2026, although its precise scope, legal basis, and intended outcome have not been publicly detailed.
The investigation’s unusual placement within an export enforcement agency highlights how encryption has become both a consumer trust issue and a matter of national security oversight in the US.
Meta denies access, trust at stake
Meta has firmly rejected the allegations, stating that WhatsApp’s encryption architecture makes internal access to message content technically impossible. Company spokespersons have reiterated that neither employees nor contractors can read encrypted communications.
US authorities have also cautioned against drawing definitive conclusions, noting that some investigative claims fall outside the mandate of export enforcement officials.
Even so, privacy experts argue that user understanding of encryption often overlooks complexities such as metadata, cloud backups, and device-level access, which can blur expectations of total privacy.
For Meta, the controversy echoes earlier privacy battles and regulatory penalties, reviving questions about transparency at a time when public trust in digital platforms remains fragile. As the case unfolds, both regulators and users are once again weighing how private “private messaging” truly is.
