What the Texas Attorney General Is Accusing Meta Of
Texas attorney general Ken Paxton has filed a lawsuit against Meta and its messaging platform WhatsApp, accusing the company of misleading users about how private their conversations really are. Paxton claims Meta “misled consumers regarding the strength and scope” of WhatsApp’s privacy protections by marketing it as fully protected by end-to-end encryption while allegedly retaining ways to access message content. He argues that investigations and insider accounts show Meta’s public statements that it cannot read WhatsApp messages are “blatantly inaccurate,” and that message content can allegedly be “pulled and viewed” after sending. Filed under the state’s Deceptive Trade Practices Act, the WhatsApp encryption lawsuit seeks penalties for what Paxton frames as a systematic deception of users who believed their chats were inaccessible to anyone but sender and recipient. The case squarely targets Meta privacy claims as potentially false marketing, not just technical design flaws.
End-to-End Encryption: Promise, Practice, and Metadata Gaps
At the heart of the dispute is end-to-end encryption, the security model WhatsApp has long promoted. Under this model, only the two endpoints—typically the sender and recipient—should be able to read message contents, with even the service provider locked out. Cryptography researchers note that WhatsApp’s protocol does, in fact, provide end-to-end encryption for message content, and say there is no concrete evidence the company has broken that specific promise. However, experts have identified weaknesses around user control, such as how group membership is managed, and stress that end-to-end encryption does not shield metadata. Authorities have used WhatsApp metadata, including who contacted whom and when, in past criminal investigations. The lawsuit leverages public confusion over the difference between content and metadata to argue that WhatsApp’s privacy narrative overstates real-world protections, even if the core encryption protocol is technically sound.
Whistleblower Allegations and a Closed Federal Probe
Paxton’s complaint leans heavily on whistleblower accounts and a prior federal inquiry into WhatsApp’s internal tools. A Bloomberg report described how a special agent with the Office of Export Enforcement examined claims that Meta employees and contractors could view WhatsApp message content. According to a Commerce Department memo cited in related coverage, internal tools allegedly allowed “virtually all” types of messages to be accessed, with “no limit” on what could be viewed. That federal case was ultimately closed, and cryptographers caution that the evidence base remains thin. Still, the Texas filing incorporates these whistleblower narratives and earlier class-action allegations that staff and third-party contractors enjoyed “broad access” via undisclosed backdoors. By repackaging those claims under consumer protection law, the Texas attorney general seeks to transform technical and whistleblower disputes into a legal argument about deceptive Meta privacy claims.
Meta’s Response: ‘False and Absurd’ Accusations
Meta has rejected the allegations in uncompromising terms, insisting that WhatsApp cannot read users’ encrypted messages. Company representatives have called similar claims in earlier class-action cases “false and absurd,” arguing that the whistleblowers behind those suits are confused, misinformed, or acting in bad faith. A Meta spokesperson reiterated that WhatsApp “cannot access people’s encrypted communications,” while communications executive Andy Stone publicly labeled the latest accusations “untrue.” Meta says it has tried to engage with plaintiffs in related litigation but has made little progress, reinforcing its stance that the lawsuits rest on misunderstandings of how end-to-end encryption and moderation tools work. The company also highlights its “strong record on protecting people’s messages,” positioning itself as a defender of private communication while preparing to fight the Texas case aggressively in court.
Why This WhatsApp Encryption Lawsuit Matters for Users Everywhere
Beyond Meta, the Texas lawsuit could reshape how encrypted apps communicate about privacy. By targeting claimed discrepancies between marketing and technical reality, the case signals that regulators will scrutinize not only whether end-to-end encryption exists, but how it is described to consumers. Texas is seeking up to USD 10,000 (approx. RM46,000) per violation under its Deceptive Trade Practices Act, along with a permanent injunction barring Meta from accessing messages without explicit consent. A prior USD 1.375 billion (approx. RM6.33 billion) settlement with another tech company shows the state is willing to push for massive penalties. If Paxton succeeds, messaging platforms may need to clarify the limits of encryption, especially around metadata and internal tooling. Even if Meta prevails, the case underscores growing skepticism of broad Meta privacy claims and will likely influence future disclosure standards for secure messaging apps.