Summary: The Texas Attorney General’s Office sued WhatsApp and Meta Platforms Inc. on May 21 in Harrison County court, alleging the companies misrepresented the strength and scope of WhatsApp’s encryption. The complaint asserts that WhatsApp advertises secure, encrypted messaging while Meta has access to "virtually all" private communications on the platform. Meta has denied the claims.
The lawsuit, brought under the Texas Deceptive Trade Practices Act, argues that WhatsApp and its parent firm provided false assurances to consumers about message security. Texas Attorney General Ken Paxton said in a statement that "WhatsApp markets its services as secure and encrypted, but it does not deliver on those promises."
Meta spokesman Andy Stone responded on social media, calling the allegations inaccurate and stating that WhatsApp cannot access people’s encrypted communications. The company’s denial is noted in the court filing context but the suit continues to press for remedies.
The legal action seeks a court order that would prevent Meta and WhatsApp from accessing Texans’ WhatsApp messages without consent. In addition to injunctive relief, the complaint asks for monetary penalties under the state consumer-protection statute.
Texas’ filing points to media coverage of a federal investigation into claims that Meta had access to unencrypted WhatsApp messages and references a whistleblower report submitted to the U.S. Securities and Exchange Commission. Those items are cited in the complaint as part of the factual basis for the deceptive-practices allegations.
The Texas Deceptive Trade Practices Act is the vehicle for the suit; Paxton’s office has used the same statute in several recent data-privacy cases against large technology companies. The filing notes previous actions taken by the office, including litigation involving other major firms.
Among those prior matters, the complaint references a settlement in which Google agreed to pay $1.375 billion in May 2025 to resolve state claims that it had violated users’ data privacy. Separately, on May 11, the Attorney General’s Office filed a lawsuit against Netflix alleging it collected children’s and other consumers’ data without consent and designed aspects of its platform to be addictive. Netflix denied those allegations, characterizing the pleadings as based on inaccurate and distorted information.
Key takeaways
- Texas accuses WhatsApp and Meta of misleading consumers about WhatsApp’s encryption, seeking both injunctive relief and monetary penalties - impacts the technology and consumer privacy sectors.
- Meta has publicly denied the claim that WhatsApp can access encrypted messages, maintaining that users’ encrypted communications are not accessible to the company - relevant to corporate communications and regulatory relations.
- The suit cites federal investigative reports and a whistleblower filing to the SEC as part of its factual foundation - this links the case to broader oversight and potential regulatory scrutiny of tech platforms.
Risks and uncertainties
- Legal outcome uncertainty - the complaint seeks to bar access to messages and impose penalties, but the court’s response and potential appeals are unknown; this affects legal and regulatory risk for tech firms.
- Potential for parallel investigations - the suit references federal inquiries and a whistleblower report, indicating possible concurrent probes that may influence the broader tech and privacy regulatory environment.
- Reputational and commercial impact on messaging platforms - allegations about encryption practices could affect user trust and product positioning in the consumer technology sector.