WhatsApp Cybersecurity Head’s Meta Lawsuit Dismissed | Facts Insufficient

March 24, 2026 Rachel Kim – Technology Editor Technology

A federal judge dismissed a lawsuit brought by Kevin Mitnick, the former chief security officer of WhatsApp, against Meta, ruling he failed to provide sufficient evidence to support claims of violations of California public policy and retaliation. The decision, delivered Tuesday, marks a setback for Mitnick, who alleged he was sidelined and ultimately terminated after raising concerns about data privacy practices within the messaging app.

Mitnick’s suit, filed in February 2025, centered on his assertions that Meta was not fully transparent about its access to WhatsApp user data, despite the app’s claims of end-to-end encryption. He specifically contended that Meta had developed capabilities to read WhatsApp messages, a claim that gained traction following a class-action lawsuit accusing Meta of misleading users about the security of their communications. The judge, however, found that Mitnick’s allegations lacked concrete factual support.

The ruling comes as Meta faces increased scrutiny over its security practices across its platforms, including Facebook and Messenger. Earlier this month, the company announced a series of novel anti-scam tools, deploying artificial intelligence to combat increasingly sophisticated fraud tactics. These tools include warnings about suspicious device linking requests on WhatsApp and alerts for potentially fraudulent friend requests on Facebook. Meta stated it removed over 159 million scam ads globally in 2025, and has been actively banning accounts involved in deceptive practices, particularly in India.

The court’s decision also arrives amid reports of ongoing efforts by attackers to exploit WhatsApp’s device linking feature. Scammers have been attempting to trick users into sharing phone numbers and linking codes, granting them access to user accounts and enabling impersonation. WhatsApp has responded by implementing behavioral analysis to identify and flag potentially suspicious linking requests, alerting users before a connection is established.

While Mitnick’s lawsuit was dismissed, the underlying concerns about data privacy and security at Meta remain. A separate class-action lawsuit continues to proceed, alleging that Meta can access WhatsApp user messages despite the app’s encryption promises. Meta has not publicly commented on the specifics of that litigation, but maintains its commitment to user privacy and security. The company has stated it is continually updating its security measures to address evolving threats.

Meta’s recent rollout of AI-powered protections extends beyond WhatsApp, encompassing Facebook and Messenger. These protections aim to identify and block celebrity impersonators, brand spoofers, and deceptive links. Messenger’s scam detection system can now analyze text, images, and contextual signals to identify potential fraud, including bogus job offers. The company has not announced any plans to appeal the ruling in Mitnick’s case, and a hearing to determine damages is scheduled for April 15, 2026.