WhatsApp is widely regarded as one of the most secure messaging apps, second only to Signal, offering end-to-end encryption by default. This means that no one, not even Meta, can access your private messages only the sender and receiver can. With over 3 billion users, WhatsApp’s privacy and security rely heavily on its robust end-to-end (E2E) encryption.
Meta is working on “Private Processing” to enable AI features on WhatsApp, which could potentially compromise its trusted end-to-end encryption. WhatsApp has remained largely secure, with Meta even taking legal action against spyware companies like NSO to protect user privacy. However, this new move by Meta may weaken WhatsApp’s integrity in an effort to bring AI features to the platform.
Meta Developing Private Processing for WhatsApp AI Features
Meta has provided an early preview of Private Processing, a new technology aimed at integrating AI features into WhatsApp while claiming to preserve user privacy. This will enable features like summarizing unread messages or generating writing suggestions. However, to process these AI requests, message content will need to be sent to Meta’s cloud servers, sparking concerns about the impact on WhatsApp’s end-to-end encryption.
To alleviate privacy concerns, Meta asserts that communication between the user’s device and the Private Processing infrastructure will remain end-to-end encrypted. The company also claims that neither Meta nor WhatsApp can decrypt these messages, as they are protected by an “ephemeral key” known only to the user’s device and the chosen Trusted Execution Environment (TEE) on the cloud server.
By introducing Private Processing on WhatsApp, Meta is essentially adding a third layer of access — beyond just the sender and receiver — into the messaging chain. This creates an intermediary that could access personal messages upon request, potentially undermining the traditional end-to-end encryption model of WhatsApp.
Meta explains that the Trusted Execution Environment (TEE) is built on “confidential computing infrastructure” to maintain user privacy and security. Let’s dive into how TEE is designed for WhatsApp’s Private Processing and whether it can instill confidence in users.
How TEE Works for WhatsApp’s Private Processing
The Trusted Execution Environment (TEE) on Meta’s cloud servers is built to process WhatsApp AI requests with a strong emphasis on privacy. It creates a fully isolated environment, ensuring that all communication with the user’s device remains end-to-end encrypted. This means that no one, including Meta, WhatsApp, or any third-party, can access the data, either during transmission or when stored.
Meta has further enhanced isolation by disabling remote access to the Trusted Execution Environments (TEEs). The server hardware also incorporates advanced CPU technologies like “confidential virtualization” and secure GPU modes to prevent hardware attacks. Additionally, TEEs operate in a “stateless” manner, meaning messages are discarded immediately after processing, ensuring they are not stored or used for AI training by Meta. This approach helps maintain user privacy and data security.
Moreover, Meta states that Private Processing employs anonymous credentials for user authentication, ensuring that users cannot be identified. The system does not transmit identifiable information, minimizing the risk of data leaks. Additionally, verification systems are in place to conduct hardware-based attestations and only load trusted software.
To enhance transparency, Meta intends to release the system code, allowing researchers to verify and audit it. Furthermore, Meta is expanding its bug bounty program to support independent security testing.
WhatsApp’s Private Processing appears quite similar to Apple’s Private Cloud Compute, which enables private handling of Apple Intelligence features. However, while Apple is widely recognized for its firm stance on user privacy, Meta’s track record in this area raises more skepticism.
Turn Off AI Features in WhatsApp by Enabling Advanced Chat Privacy
If you’re unsure about Meta’s Private Processing for AI features, you can turn on “Advanced Chat Privacy” in WhatsApp. This setting lets you “prevent others from exporting chats, automatically downloading media, or using your messages for AI functionalities“.
Advanced Chat Privacy can be enabled for both individual and group chats. In essence, it prevents other users from using your conversations to access AI features.
As tech companies rush to embed AI into every product, messaging apps should remain separate from cloud-based AI processing. Data minimization is a foundational principle in security, and WhatsApp has long upheld it through strong end-to-end encryption. Meta must tread carefully with Private Processing on WhatsApp, as it brings AI features at the cost of introducing a potential new attack surface.
