> but whatsapp's marketing is pretty unequivocal that they can't read your messages.

well that's alright then

facebook's marketing and executives have always been completely above board and completely honest

The thing is, if they were uploading your messages, then they'd want to do something with the data.

And humans aren't great at keeping secrets.

So, if the claim is that there's a bunch of data, but everyone who is using it to great gain is completely and totally mum about it, and no one else has ever thought to question where certain inferences were coming from, and no employee ever questioned any API calls or database usage or traffic graph.

Well, that's just about the best damn kept secret in town and I hope my messages are as safe!

And I'm no fan of Meta...

I'm not saying they are sending the content back, but WhatsApp has to read your message or it couldn't display it, so I don't even know exactly what that particular claim means?

They most likely mean their service or their employees, but this appears to be marketing fluff and not an enforceable statement.

I wonder if keyword/sentiment extraction on the user's device counts as reading "by WhatsApp"...

There's the conspiracy theory about mentioning a product near the phone and then getting ads for it (which I don't believe), but I feel like I've mentioned products on WhatsApp chats with friends and then got an ad for them on Instagram sometime after.

Also claiming "no one else can read it" is a bit brave, what if the user's phone has spyware that takes screenshots of WhatsApp... (Technically of course it's outside of their scope to protect against this, but try explaining that to a judge who sees their claim and the reality)

Are messages and calls data at rest or data in motion? The UI lock feature refers to 'chats' which could be their term for data at rest.

I wonder what the eula says.

> That's a cute loophole you thought up, but whatsapp's marketing is pretty unequivocal that they can't read your messages.

If Facebook says it, then... Sorted!

"We can't read your messages! They are encrypted on disk and we don't store the keys!"

"What encryption do you use?"

"DES."

My guess is that they are end-to-end encrypted. And because of Facebook's scale that they're able to probabilisticly guess at what's in the encrypted messages (e.g.a message with X hash has Y probability of containing the word "shoes")