The United States House of Representatives has officially banned WhatsApp from all staff devices, due to security issues tied to how the platform manages user data.
In a memo sent to House staff, the Office of Cybersecurity stated that WhatsApp is a “high risk” to users. The concerns are poor transparency around data protection, no encryption for stored data, and a general vulnerability to spyware and surveillance tools.
This is not the first time the House has taken this kind of step. In 2022, TikTok was removed from government-issued phones due to similar national security concerns. Now, WhatsApp joins that list.
The directive came directly from the Chief Administrative Officer, who urged staff to switch to alternatives like Microsoft Teams, Amazon’s Wickr, Signal, or Apple’s iMessage and FaceTime.
Each of these apps is reportedly considered more reliable when it comes to data handling and encryption practices.
A spokesperson from Meta, WhatsApp’s parent company, said, “We disagree with this decision in the strongest possible terms. WhatsApp provides a higher level of security than the other approved apps.”
The case follows earlier revelations from January 2025, when Meta confirmed that Israeli surveillance firm Paragon Solutions had targeted dozens of WhatsApp users, including journalists and civil society actors.
That event led to fresh talks about WhatsApp’s vulnerability to spyware, echoing a similar 2019 scandal involving NSO Group’s Pegasus software.
While WhatsApp uses end-to-end encryption for messages in transit, analysts argue that its lack of stored data encryption leaves users exposed. For U.S. lawmakers, that’s a deal breaker.
No indication has been given as to whether Meta will adjust its policies to regain access to government devices. For now, the ban remains in force, and staff are expected to transition to what the House describes as “more secure and transparent” platforms.
This is another sign that government institutions are unwilling to trust tech platforms that fall short on data security, especially those under foreign ownership or with ambiguous privacy practices.
