The WhatsApp messaging service has been banned on all US House of Representatives devices, according to a memo sent to House staff on Monday.
The notice to all House staff said that the “Office of Cybersecurity has deemed WhatsApp a high-risk to users due to the lack of transparency in how it protects user data, absence of stored data encryption, and potential security risks involved with its use.”
The memo, from the chief administrative officer, recommended use of other messaging apps, including Microsoft Corp’s Teams platform, Amazon.com’s Wickr, Signal, Apple’s iMessage, and Facetime.
A spokesperson for Meta, which owns WhatsApp, said: “We disagree with the House Chief Administrative Officer’s characterization in the strongest possible terms. We know members and their staffs regularly use WhatsApp and we look forward to ensuring members of the House can join their Senate counterparts in doing so officially.
“Messages on WhatsApp are end-to-end encrypted by default, meaning only the recipients and not even WhatsApp can see them. This is a higher level of security than most of the apps on the CAO’s approved list that do not offer that protection.”
The Signal app – which like WhatsApp uses end-to-end encrypted messaging – was at the center of a recent controversy in which Pete Hegseth, the defense secretary, sent detailed information about planned attacks on Yemen to at least two private Signal group chats.
One of the chats was created by Mike Waltz, the national security adviser, and included top US security officials as well as, inadvertently, the Atlantic magazine journalist Jeffrey Goldberg. The other Hegseth created himself, including his wife, his brother and about a dozen other people.
The Pentagon had previously warned its employees against using Signal due to a technical vulnerability, according NPR, which reported that an “OPSEC special bulletin” seen by its reporters and sent on 18 March said that Russian hacking groups could exploit the vulnerability in Signal to spy on encrypted organizations, potentially targeting “persons of interest”.
The Pentagon-wide memo said “third party messaging apps” like Signal are permitted to be used to share unclassified information, but they are not allowed to be used to send “non-public” unclassified information.
Reuters contributed to this report
The best public interest journalism relies on first-hand accounts from people in the know.
If you have something to share on this subject you can contact us confidentially using the following methods.
Secure Messaging in the Guardian app
The Guardian app has a tool to send tips about stories. Messages are end to end encrypted and concealed within the routine activity that every Guardian mobile app performs. This prevents an observer from knowing that you are communicating with us at all, let alone what is being said.
If you don't already have the Guardian app, download it (iOS/Android) and go to the menu. Select 'Secure Messaging'.
SecureDrop, instant messengers, email, telephone and post
See our guide at theguardian.com/tips for alternative methods and the pros and cons of each.
