Document Shows How FBI Retrieve data from WhatsApp and Popular Secure Messaging Apps

An Unknown previously undisclosed FBI document indicates that monitoring WhatsApp and Facebook user activity is routine for the bureau. The document provides guidance on how to legally extract messages and metadata from messengers WhatsApp, Facebook, Telegram, Viber, Signal, Threema, WeChat, Line, and Wickr.

According to the document, iMessage and WhatsApp give the FBI access to more categories of data than other platforms, including the content and history of messages received and sent. They also cooperate with the authorities further, if there is a search warrant, providing them with data from previous backups, contact lists, and other data.

The document's specificity is new, however, as is the FBI's admission that WhatsApp is the only popular secure messaging app that provides near-real-time data in response to law enforcement requests. The document says:

• Message Content: Limited*
• Subpoena: Can render basic subscriber record
• Court Order: Subpoena return as well as information like blocked users
• Search Warrant: Provides address book contacts and WhatsApp users who have the target in their address book contacts
• Pen Register: Sent every 15 minutes, provides source and destination for each message

WhatsApp, for example, is the only one of the nine applications mentioned in the documents to use the so-called "pen register" - a special request that records the source and destination of each message.

In response to a "pen register" request, WhatsApp generates certain metadata every 15 minutes. In other words, even without requesting the content of a message from WhatsApp, the metadata records who send messages and when, as well as what other users are in their address book.

According to the document, only iMessage, WhatsApp, and Line store the content of messages and provide them to the authorities. The other six messengers mentioned in the guide do not disclose the content of the messages.