In this case, Mr Cathcart is right to say only the sender and recipient of a WhatsApp message can read its contents.
In fact, the firm’s commitment to encrypting messages is so significant that it previously said it would rather be blocked in the UK than weaken the encryption it uses.
Mr Musk’s vague language – simply saying that “user data” was being uploaded – could however be interpreted to refer to metadata, the extra bits of information sent alongside the actual message.
“WhatsApp messages are end-to-end encrypted, but user data is not only about messages,” said security researcher Tommy Mysk in a post on X, external.
“That also includes the metadata such as user location, which contacts the user is communicating with, the patterns of when the user is online, etc.”
It is known that WhatsApp does share some metadata with other platforms Meta owns – but this does not include messages.
“One area of particular concern has been WhatsApp sharing data with other Meta companies,” said Dr Tristan Henderson, lecturer in computer science at the University of St Andrews.
“This does include sufficient metadata for these Meta companies to make suggestions and show personalised adverts, which in itself shows what metadata can reveal.”
The WhatsApp Privacy Policy specifically states that the firm will use some user data for “showing relevant offers and ads across the Meta Company Products”.
The BBC has approached Meta for comment.
Credit: Source link