Meta Platforms, Inc., faces a new lawsuit that challenges WhatsApp’s end-to-end encryption promise and its privacy marketing. A group of plaintiffs from five countries sued Meta and WhatsApp in the US District Court in San Francisco on January 23, seeking class-action status that could cover WhatsApp’s billions of users worldwide.
The plaintiffs allege that Meta and WhatsApp made false claims about WhatsApp's privacy and security protections. The case targets WhatsApp’s core message that chats stay private through end-to-end encryption.
In-app notices on WhatsApp tell users that ‘only people in this chat can read, listen to, or share’ messages. However, the plaintiffs argue that those assurances do not match how the service operates.
The complaint alleges Meta and WhatsApp can “store, analyze, and can access virtually all of WhatsApp users’ purportedly ‘private’ communications,” the filing said, as cited by Bloomberg. The plaintiffs also accuse the companies and their leaders of defrauding WhatsApp users.
The plaintiffs belong to Australia, Brazil, India, Mexico, and South Africa. They have requested the court to certify the case as a class-action lawsuit, expanding the scope of potential claims.
The filing centers on alleged access to user communications and WhatsApp user data access. It also claims employees can access the substance of users’ communications.
The complaint references “whistleblowers” as part of how the allegations surfaced. However, it does not identify them or describe their roles in the filing.
The new case follows a separate whistleblower lawsuit filed in September 2025 by Attaullah Baig, WhatsApp’s former Head of Security. Baig alleged that about 1,500 WhatsApp engineers had unrestricted access to user data without proper oversight.
Baig also claimed the company failed to address more than 100,000 daily account takeovers. Those allegations add context to the broader WhatsApp security and privacy debate raised in the new complaint.
The plaintiffs’ legal team includes attorneys from Quinn Emanuel Urquhart & Sullivan and Keller Postman, among other firms. In addition, Jay Barnett of Barnett Legal, listed as one of the plaintiffs’ attorneys, declined to comment on the case.
Meta dismissed the lawsuit and attacked its credibility. Meta spokesperson Andy Stone called the case “a frivolous work of fiction” in a statement.
Stone also rejected the central accusation about access to encrypted messages. “Any claim that people’s WhatsApp messages are not encrypted is categorically false and absurd,” he said.
Meta noted that WhatsApp has used end-to-end encryption based on the Signal protocol for a decade. The company also informed that it will pursue sanctions against the plaintiffs’ legal team.
WhatsApp is reported to have more than 3 billion monthly active users globally, including 100 million in the United States. That scale increases the potential impact of claims tied to WhatsApp privacy claims and encryption marketing.
The plaintiffs argue a gap exists between WhatsApp’s encryption assurances and the access they allege employees can obtain, and they say users suffered harm as a result. Meta disputes the claim and says its end-to-end encryption design prevents the company from reading message content.
The case now moves into early-stage litigation, with class-action certification as a key near-term objective for the plaintiffs. Consequently, the court’s handling of the allegations and Meta’s response could shape how the dispute proceeds in San Francisco.
Also Read: WhatsApp Turns Secret Keeper: New Chat Privacy Feature Blocks Media Saves