WhatsApp Business Privacy: What Meta Can Really Read
WhatsApp Business It has been at the center of a heated privacy debate since late January 2026. WhatsApp Business's privacy has been called into question by a complaint against Meta that claims conversations can be read, despite end-to-end encryption.
The affair has also attracted the attention of U.S. authorities, with the Department of Commerce initially listed as involved in an investigation. The allegations come from a group of individuals and former employees of the California-based company, who allege that Meta retained and accessed messages. In response, the Menlo Park-based company categorically denied any possibility of reading chats.
To clarify, Matthew Green, an internationally recognized cryptography expert, has analyzed in detail how the messaging service works and the security model adopted by WhatsApp. His contribution is essential to understanding what is technically possible and what, instead, falls more into the realm of theoretical hypotheses than proven facts.
WhatsApp Business and end-to-end encryption: how it really works
Since 2014, WhatsApp has been using end-to-end encryption based on the protocol Signal, the same one used by one of the most privacy-oriented messaging apps. Messages sent by users, including those via WhatsApp Business, are encrypted both in transit and when temporarily stored on Meta's servers.
The key feature of this model is that the keys to decrypt the content reside exclusively on the users' devices and not on the central servers. In practice, the Meta server only sees encrypted data: it has no access to the clear text of the conversations. This means that, under normal circumstances, no one can read the messages: not Meta employees, nor any third parties, nor law enforcement without direct access to the devices.
According to Matthew Green, the cryptographic structure adopted by WhatsApp and WhatsApp Business is designed specifically to prevent an intermediary from viewing the content of messages. The Signal protocol is widely documented and considered a reference standard in the industry, as reported by the official Signal documentation and independent analyses in the field of cybersecurity (In-depth analysis of the Signal Protocol).
Can Meta read WhatsApp chats? Between accusations, investigations, and denials.
At the heart of the case is the complaint filed in late January 2026 against Meta, alleging that the company stores and accesses users' conversations. The allegations, amplified by former employees, allege that the protection offered by end-to-end encryption is not as complete as claimed.
The complaint also refers to an alleged investigation launched by the U.S. Department of Commerce. However, a Department spokesperson subsequently denied this involvement, downplaying one of the more sensational parts of the story. The plaintiffs' statements, however, point to Meta's servers as a possible data access point.
The issue has received significant media attention, partly due to public interventions by prominent figures in the tech world. Elon Musk immediately seized the opportunity to suggest using X Chat as an alternative to WhatsApp for those concerned about their privacy. Pavel Durov, founder of Telegram, openly criticized Mark Zuckerberg, calling him a "lie" about the app's security. This context has contributed to further confusion among private users and companies that use it. WhatsApp Business as a communication channel.
Meta, for its part, has repeatedly reiterated that there are no mechanisms in place to read encrypted messages on its servers. The company insists that any data access can only concern metadata elements or content that the user has explicitly chosen to save on third-party services, such as cloud backups.
WhatsApp Business, closed source code and backdoor hypothesis
One of the most sensitive points highlighted by Matthew Green concerns the fact that WhatsApp's source code is not open source, unlike Signal's. This also applies to the version WhatsApp Business. The closed source nature of the client makes it impossible for the security community to fully independently analyze the code.
In theory, this scenario opens the door to the possibility of a backdoor, a hidden mechanism that allows Meta to access messages or decryption keys. However, this would be an extremely risky option: according to Green, if such a backdoor existed, it would be discovered sooner or later, leaving visible traces in the app's behavior and traffic.
The regulatory environment and the oversight of the security research community make this scenario "unlikely" from a practical standpoint. Such a serious breach of user trust would have devastating consequences for the reputation of Meta and WhatsApp Business, with direct impacts on the global user base and the businesses that use it every day to manage their communications. Organizations like“Electronic Frontier Foundation They constantly monitor secure communication tools, helping to keep a high level of awareness of potential abuse.
Backup, iCloud, and the Real Weakness of WhatsApp Business Privacy
If WhatsApp end-to-end encryption is WhatsApp Business It's designed to protect messages in transit and on Meta's servers; the real weakness lies in backups. The iOS app lets you save conversations to iCloud, a convenient way to avoid losing data if you replace or lose your device.
The problem is that, by default, these iCloud backups are unencrypted, meaning they aren't encrypted with the same safeguards offered by real-time messages. Only by enabling Apple's "Advanced Data Protection" feature can users obtain stronger protection, extending encryption to these backups as well. Without this option, anyone with access to the iCloud account or its backups can potentially read the conversations.
The complaint against Meta, however, focuses on the company's servers and not on backups managed by third parties. This is an important detail: many of the vulnerabilities perceived by users actually stem from personal configuration choices (such as unencrypted backups), rather than from structural flaws in end-to-end encryption. For companies that use WhatsApp Business, including those that integrate tools such as SendApp Official, it therefore becomes essential to define clear policies on backup and device management.
Ultimately, Matthew Green emphasizes that there is currently insufficient evidence to substantiate the claims made in the complaint against Meta. Those who don't trust WhatsApp's proposed model can turn to alternatives like Signal, whose client is entirely open source, but they must still consider the entire security ecosystem: devices, backups, cloud account management, and user training.
WhatsApp Business: Impact on Marketing and Business
The reliability of privacy of WhatsApp Business It has a direct impact on marketing strategies and customer relationships. Companies using WhatsApp as a communication channel must be able to rely on a secure environment, both to protect sensitive data and to build long-term trust and credibility.
In a context of digital marketing Increasingly conversational, WhatsApp Business is often the focus of nurturing, customer support, and guided sales campaigns via chat. If concerns about the confidentiality of conversations arise, the entire customer experience can suffer: customers may be less inclined to share information, place orders, or discuss specific issues via messaging.
For businesses, particularly those operating in regulated sectors or handling sensitive personal data (e-commerce, healthcare, financial services), the security assessment of WhatsApp Business It becomes an integral part of data governance. This isn't just a technical choice, but a strategic one that impacts compliance, reputation, and business results.
The correct configuration of the tools, the controlled management of company devices and the integration with security solutions marketing automation and CRM are essential steps to transform WhatsApp Business into a secure and high-performance asset. In this scenario, specialized automation platforms help companies structure workflows, permissions, and controls, reducing the risks associated with uncontrolled use of the app.
How SendApp Can Help with WhatsApp Business
For companies that want to exploit WhatsApp Business in a professional, secure and scalable way, the use of a dedicated platform such as SendApp It represents a concrete competitive advantage. The goal is to integrate the power of messaging with advanced controls over access, flows, and processed data.
SendApp Official It offers integration with the official WhatsApp APIs, ensuring Meta policy-compliant management and an infrastructure designed for enterprise use. This allows communications to be concentrated on a certified channel, reducing risky practices such as the use of personal or unauthorized accounts for customer support.
For the operational management of conversations, SendApp Agent It allows you to distribute WhatsApp Business chats across teams and departments, maintaining traceability and control over who accesses what. This allows the company to structure permissions, roles, and interaction logs, which is also essential for internal security.
In the end, SendApp Cloud Enable advanced automation workflows on WhatsApp Business: automated messages, contact segmentation, targeted campaigns, and integration with CRM and other business systems. Automation, however, doesn't mean sacrificing privacy: on the contrary, centralized management helps reduce human errors, duplication, and misuse of customer data.
If your company is considering how to adopt or enhance WhatsApp Business, The next step is to define a strategy that combines security, automation, and marketing. Contact us for a personalized consultation and to discover how SendApp can help you design effective, scalable conversational flows that comply with data protection best practices. You can also start a free trial of the solutions best suited to your needs.
