My best guess is you have numbers associated with profiles and maybe the numbers get reported as scams through various watchdog orgs or people reporting to Meta directly?
It’s an opt-in feature. In settings, users will be required to enable Private Processing, which Meta describes as an “optional capability that enables users to initiate a request to a confidential and secure environment and use AI for processing messages where no one—including Meta and WhatsApp—can access them.”
First, if I were to take a guess I would assume that it can be coded to give the AI read/write access to messages because it’s part of the encryption protocol without giving it to Meta as a company? I really have no idea because I don’t write code or deal with backend stuff so it’s just an idea.
Second, I’m not defending the tech company. I’m coming up with a hypothesis as to why something may be possible. I’m not saying it’s probable.l because we both know that Meta will find any way to gain access to data by doing any sort of shady shit they can.
The concept of “End to End Encryption” (E2EE) is that one end encrypts the data, it passes through transport, and the only person who can read the decrypted data is the intended receiver.
In the case of WhatsApp, this should mean:
Your phone (WhatsApp app) encrypts a message
Your phone sends the encrypted (“unreadable”) message to Facebook
Facebook sends the message to the intended receiver
The receiver decrypts the message
The whole “Meta AI summaries” thing has to run on their servers. Large language models small enough to fit on a phone don’t produce sensible output yet, and your phones battery would drain very quickly. Since each message is (supposed to be) encrypted with different keys, no human nor computer can make sense of the encrypted data without the keys to decrypt it. For their servers to provide a “summary of your chats”, they have to be able to read the content of the messages. Thus proving that the whole “end to end encryption” in WhatsApp is either false, or made entirely useless with them sending all messages to themselves without E2EE.
The only proof that would invalidate this is evidence of the LLM running locally on device. Even then, the way some of WhatsApp’s services work (like notifications, WhatsApp Web) creates some serious doubt on the “E2EE” claim.
It is absolutely essential that any communications platform claiming “E2EE” proves this by making the client-side code (the stuff running on your device) fully open source. A proprietary app, like WhatsApp, by definition makes it harder to fully understand its inner workings, and thus fully verify the E2EE claim.
It’s an opt-in feature. In settings, users will be required to enable Private Processing, which Meta describes as an “optional capability that enables users to initiate a request to a confidential and secure environment and use AI for processing messages where no one—including Meta and WhatsApp—can access them.”
You should have read your link before typing all this. Their E2EE is a bit similar to OMEMO and Signal in the sense that one device is really like one contact, and one chat between two people is really like a group chat with many members associated with two identities. So they are adding another optional endpoint where you send the message to get that summary.
Of course if you do send it, it’s readable by them no matter what they say.
Of course proprietary encryption (I’d argue that even proprietary code) can’t be trusted to do what declared.
But there is no logical contradiction whatsoever between their claim of having E2EE and this functionality.
So, this is probably dumb but could their whole argument be that it’s E2EE from your phone to their server, which unpacks it and reads it, then repackages it and E2EE from the server to the recipient while the AI sends the summary back to you E2EE from the server?
It’s so stupid, but I could see their marketing saying that it’s technically E2EE just with a…detour (e.g., we don’t say the whole process was E2EE in one trip).
Once again, I’m not sticking up for them. I am just trying to wrap my head around how they could justify this shit at all.
There is no justification. The “Ends” in E2EE mean the initial sender, and intended recipient. The “transport” should have zero insight into the content. Encrypting a message to the servers is standard even for “non-private” messaging services, it’s usually done with SSL (part of HTTPS).
Lets compare it to traditional mail. If you send something, the postal company can always just open your mail and read it. With computers, we have black magic (E2EE) that physically prevents the postal company from doing that. In this hypothetical, Facebook (owner of WhatsApp) is the company that provides you with the pen and paper (the app), and is a postal company (their servers). They promise that the black magic on the paper prevents them from reading what you wrote, but then they clearly read the content of your letter to send you a summary of the conversation.
Mid-message quick edit: They could’ve also done something to the pen (other parts of the app) to have it tell them what you wrote. This would mean the black magic (E2EE) is applied, but is completely useless. (End of edit)
If the process for making the pen and paper (the app) was publicly known (open source), you could make your own, and be sure the black magic (E2EE) is applied properly. That way you can be certain the postal company (servers) can’t read your letter, only the recipient can.
If the postal company gives you the pen and paper without telling you how to make it, it’s nearly impossible to tell if the black magic was applied properly.
That’s not really how encryption works. If their chat bot can read/parse the message, then it has the keys, which means meta would have the keys. This doesn’t mean they absolutely are reading your messages, but it does seem to mean it would be possible.
No it doesn’t have to, their article says if you enable it, the messages are resent someplace. Of course those that are have to be read by whatever summarizes them, so are not secured from Meta.
Honestly for systems operating on sequences of tokens, like those “AI”'s, I wonder if it’s possible to divide their functionality so that it would be a zero-knowledge system with the side providing computation not being able to decipher them.
In the dumbest sense, if some operation can be reduced to multiplication of two numbers, or modulo 2 addition, or whatever, and those two numbers encrypted and combined thus result in something predictably decrypted by someone having encrypted the original numbers, then you can offload the hard operation to a remote service and not worry about them learning what the numbers really were. There are probably articles and whitepapers describing how to do exactly this, fundamental science is usually beyond what’s been done practically.
How do they know its a scam account if they aren’t able to read your messages?
That’s what the report button is for.
My best guess is you have numbers associated with profiles and maybe the numbers get reported as scams through various watchdog orgs or people reporting to Meta directly?
The profiles aren’t encrypted I don’t think?
What’s your best guess at how whatsapp manages to generate AI summaries of your private messages without ever reading the private messages?
https://www.pcmag.com/news/meta-ai-summarize-your-whatsapp-chats
Even a cursory attempt at defending these companies is a bad joke.
That’s how.
I found technical details of the private processing in this whitepaper: https://ai.meta.com/static-resource/private-processing-technical-whitepaper
First, if I were to take a guess I would assume that it can be coded to give the AI read/write access to messages because it’s part of the encryption protocol without giving it to Meta as a company? I really have no idea because I don’t write code or deal with backend stuff so it’s just an idea.
Second, I’m not defending the tech company. I’m coming up with a hypothesis as to why something may be possible. I’m not saying it’s probable.l because we both know that Meta will find any way to gain access to data by doing any sort of shady shit they can.
The concept of “End to End Encryption” (E2EE) is that one end encrypts the data, it passes through transport, and the only person who can read the decrypted data is the intended receiver.
In the case of WhatsApp, this should mean:
The whole “Meta AI summaries” thing has to run on their servers. Large language models small enough to fit on a phone don’t produce sensible output yet, and your phones battery would drain very quickly. Since each message is (supposed to be) encrypted with different keys, no human nor computer can make sense of the encrypted data without the keys to decrypt it. For their servers to provide a “summary of your chats”, they have to be able to read the content of the messages. Thus proving that the whole “end to end encryption” in WhatsApp is either false, or made entirely useless with them sending all messages to themselves without E2EE.
The only proof that would invalidate this is evidence of the LLM running locally on device. Even then, the way some of WhatsApp’s services work (like notifications, WhatsApp Web) creates some serious doubt on the “E2EE” claim.
It is absolutely essential that any communications platform claiming “E2EE” proves this by making the client-side code (the stuff running on your device) fully open source. A proprietary app, like WhatsApp, by definition makes it harder to fully understand its inner workings, and thus fully verify the E2EE claim.
You should have read your link before typing all this. Their E2EE is a bit similar to OMEMO and Signal in the sense that one device is really like one contact, and one chat between two people is really like a group chat with many members associated with two identities. So they are adding another optional endpoint where you send the message to get that summary.
Of course if you do send it, it’s readable by them no matter what they say.
Of course proprietary encryption (I’d argue that even proprietary code) can’t be trusted to do what declared.
But there is no logical contradiction whatsoever between their claim of having E2EE and this functionality.
Wow! Thanks for this response. That makes a lot of sense as to how it’s done.
Thank you for that explanation!
So, this is probably dumb but could their whole argument be that it’s E2EE from your phone to their server, which unpacks it and reads it, then repackages it and E2EE from the server to the recipient while the AI sends the summary back to you E2EE from the server?
It’s so stupid, but I could see their marketing saying that it’s technically E2EE just with a…detour (e.g., we don’t say the whole process was E2EE in one trip).
Once again, I’m not sticking up for them. I am just trying to wrap my head around how they could justify this shit at all.
There is no justification. The “Ends” in E2EE mean the initial sender, and intended recipient. The “transport” should have zero insight into the content. Encrypting a message to the servers is standard even for “non-private” messaging services, it’s usually done with SSL (part of HTTPS).
Lets compare it to traditional mail. If you send something, the postal company can always just open your mail and read it. With computers, we have black magic (E2EE) that physically prevents the postal company from doing that. In this hypothetical, Facebook (owner of WhatsApp) is the company that provides you with the pen and paper (the app), and is a postal company (their servers). They promise that the black magic on the paper prevents them from reading what you wrote, but then they clearly read the content of your letter to send you a summary of the conversation.
Mid-message quick edit: They could’ve also done something to the pen (other parts of the app) to have it tell them what you wrote. This would mean the black magic (E2EE) is applied, but is completely useless. (End of edit)
If the process for making the pen and paper (the app) was publicly known (open source), you could make your own, and be sure the black magic (E2EE) is applied properly. That way you can be certain the postal company (servers) can’t read your letter, only the recipient can.
If the postal company gives you the pen and paper without telling you how to make it, it’s nearly impossible to tell if the black magic was applied properly.
That’s not really how encryption works. If their chat bot can read/parse the message, then it has the keys, which means meta would have the keys. This doesn’t mean they absolutely are reading your messages, but it does seem to mean it would be possible.
No it doesn’t have to, their article says if you enable it, the messages are resent someplace. Of course those that are have to be read by whatever summarizes them, so are not secured from Meta.
Honestly for systems operating on sequences of tokens, like those “AI”'s, I wonder if it’s possible to divide their functionality so that it would be a zero-knowledge system with the side providing computation not being able to decipher them.
In the dumbest sense, if some operation can be reduced to multiplication of two numbers, or modulo 2 addition, or whatever, and those two numbers encrypted and combined thus result in something predictably decrypted by someone having encrypted the original numbers, then you can offload the hard operation to a remote service and not worry about them learning what the numbers really were. There are probably articles and whitepapers describing how to do exactly this, fundamental science is usually beyond what’s been done practically.