• Kandivali West Mumbai 400067, India
  • 022 39167251
  • support@email.com
September 27, 2020

Govt Agencies Recover Deleted Data and Private WhatsApp Chats Despite Encryption? Know How to Protect

by facelesscompliance in Compliance Law, Corporate Law

Govt Agencies Recover Deleted Data and Private WhatsApp Chats Despite Encryption? Know How to Protect

Each and every WhatsApp chat has a security code used to verify that calls and the messages that are sent to that chat are end-to-end encrypted, which means that the messages are visible only to the sender and the recipient, and no third party can access it, not even WhatsApp.

WhatsApp is used by over two billion users around the world hence keeping the messaging platform secure is of the utmost importance

Over the past few days and weeks, reports have shown leaked WhatsApp chats of Bollywood actors in the ongoing drug probe. The Narcotics Control Bureau relied on the private chats to bolster its probe into Bollywood’s alleged drug links. Social media is abound with questions on whether end-to-end encryption even works in keeping conversations protected, and how agencies managed to get their hands on deleted chats. 

What cyber Security Experts Opnion?

Experts point out that it’s the users who put themselves at risk when they don’t follow proper measures to keep their conversations safe.

The Problem

1) WhatsApp keeps a log

While WhatsApp gives you an option to delete a message forever, it so happens that the messages in question are, in fact, not entirely deleted forever from everywhere. According to reports, WhatsApp keeps a log of your conversations locally on your device, which works as a “forensic trace” to log data, according to cyber security service provider, McAfee. It is this log that is regularly exploited by numerous third party apps, which offer a way for you to see messages that have been deleted.

It is this log that is reportedly not encrypted, and this represents a security flaw that can be exploited by malicious spyware tools.

Across the world, numerous investigation agencies and legal bodies have been known to use such undisclosed tactics. In the wrong hands, this can prove to be catastrophic for the privacy of users. It is also important to note that no messaging service, even the venerable Signal, would be entirely un-hackable

2) Message back-up on Google Drive or any such Cloud

It must be noted that the media and message back-up on Google Drive or any such Cloud services aren’t protected by WhatsApp’s end-to-end encryption. So the agencies like CBI or NCB can easily access the deleted chats.

Moreover, the agencies use complex software mechanism to clone all the data of your mobile phone onto a different mobile phone. This is basically calling cloning or imaging, through which, all the data of your phone can be copied to another system.

3) Mobile phone cloning technique data

In a mobile phone cloning technique data and cellular identity of a device can be copied into a new phone. This can be done with the help of an app and without access to the phone that needs to be cloned. In the process, the transfer of the IMEI can also happen. You must note that mobile phone cloning is illegal for the general public to carry out but authorities like NCB can always take the forensic route to legitimately access data stored on devices. 


In a statement issued by a WhatsApp spokesperson, the company said about the recent private debate, “WhatsApp protects your messages with end-to-end encryption so that only you and the person you’re communicating with can read what is sent, and nobody in between can access it, not even WhatsApp. It’s important to remember that people sign up on WhatsApp using only a phone number, and WhatsApp doesn’t have access to your message content.

WhatsApp follows guidance provided by operating system manufacturers for on-device storage and we encourage people to take advantage of all the security features provided by operating systems such as strong passwords or biometric IDs to prevent third parties from accessing content stored on device.”

How to save your Whats Data to leak or use by someone else?

1) Never take screenshots of chats

In WhatsApp, one-on-one conversations are encrypted. End-to-end encryption ensures that only the sender and recipient can read messages – not even WhatsApp itself. It means your chats cannot be intercepted by any third person. However, users put themselves at risk if they take screenshots of their chats or back up chats, as its get stored in mobile which access might be available to other Apps.

2) Backing up chats can put users to risk so Switch off Back up

Backing up chats is not safe. In 2018, WhatsApp had said in an update, “Media and messages you back up in Google drive aren’t protected by WhatsApp end-to-end encryption.” The backups created on cloud are not encrypted. So, if someone hacks into your cloud data, then your chat is vulnerable.”

3) Never share your password when giving your phone for repairs

You should ensure you dont share passwords. When selling/ your old device, encrypt files and then do a factory reset

4) Keep updating your all apps.

You can switch on automatic updates so security of app is updated. From across the world, there are malware and spyware that keep coming up and hitting the digital ecosystem, like asteroids in the universe. By the time a patch comes up and the vulnerability is found and fixed, your data may already have been compromised. This is why it is important to keep your phone and computer operating systems, as well as all apps therein, updated all the time. 

5) Switch off media auto-download

Viruses getting installed on your computer from shady email attachments. You don’t download shady email attachments. Something similar happens on your phone, especially on WhatsApp. This is called ‘media auto-download’. A random stranger sends you a photo or video, it gets automatically downloaded to your photo gallery, and installs malware on your phone. Switch off the media auto-download option will also help save memory

Is WhatsApp chat admissible in the court?

Yes as a secondary evidence even in case agency conduct digital forensics and clone your phone’s data on another device

Enter your email address:

Subscribe to faceless complainces

Please follow and like us:
Pin Share
Follow by Email