WhatsApp is end-to-end encrypted — but reporting a message sends it (and the preceding ones) to human moderators
A 2021 ProPublica investigation detailed how WhatsApp employs more than 1,000 contract moderators who review user-reported content, and how its parent company collects metadata — complicating the impression of near-total privacy.
01What actually happened
WhatsApp messages are end-to-end encrypted in transit, and ProPublica did not claim that encryption was broken. But ProPublica reported that when a user taps “report,” WhatsApp forwards the reported message plus the four preceding messages in that chat to its parent company, where more than 1,000 contract moderators review the content. The story also highlighted how much metadata the company can still see and use. Separately, WhatsApp's cloud backups were not end-to-end encrypted until an optional E2EE-backup feature rolled out in October 2021.
02Why it matters
End-to-end encryption protects messages in transit, but the endpoints — and any reporting, moderation, or backup pipeline the provider builds — are still places where plaintext and metadata can surface. Cipher minimizes metadata and runs its AI on your device, so summarization and threat detection happen locally, not on a server the company can read.
Sources
- ProPublica · Sep 2021How Facebook Undermines Privacy Protections for Its 2 Billion WhatsApp Users
- Meta · Oct 2021End-to-End Encrypted Backups on WhatsApp
We describe only what these sources report. If you think we've framed something inaccurately, tell us — accuracy is the whole point.
Cipher is built for exactly this gap: zero-access encryption, no phone number, on-device AI, and minimal metadata — so the failure in this story can't happen the same way.
See how the architecture works