Skip to main content

WhatsApp isn’t fully deleting its deleted chats

WhatsApp retains and stores chat logs even after those chats have been deleted, according to a post today by iOS researcher Jonathan Zdziarski. Examining disk images taken from the most recent version of the app, Zdziarski found that the software retains and stores a forensic trace of the chat logs even after the chats have been deleted, creating a potential treasure trove of information for anyone with physical access to the device. The same data could also be recoverable through any remote backup systems in place.

In most cases, the data is marked as deleted by the app itself, but because it has not been overwritten, it is still recoverable through forensic tools. Zdziarski attributed the problem to the SQLite library used in coding the app, which does not overwrite by default.


WhatsApp is now used by a billion people every month, Facebook revealed in February. The Facebook-owned app outperforms the social network’s own Messenger mobile app, which has 800 million monthly users. The Company said 42 billion messages and 250 million videos were sent over WhatsApp daily.

WhatsApp was applauded by many privacy advocates for switching to default end-to-end encryption through the Signal protocol, a process that completed this April. But that system only protects data in transit, preventing carriers and other intermediaries from spying on conversations as they travel across the network.

In fact, the only way to get rid of them appears to be to delete the app entirely.

The news shouldn’t be alarming to WhatsApp users, although it does temper many of the privacy promises made by the company in the past. The majority of messaging apps leave similar traces, recoverable through iCloud backups, although a number of privacy-focused apps do not. “Message leaves a lot of forensic traces,” Zdziarski said, reached by The Verge. “Signal leaves virtually none.”

Mr Zdziarski noted that WhatsApp does not seem to be trying to intentionally preserve data, but a record is left in the database, leaving a forensic artefact that can be recovered and reconstructed back into its original form. Commentators have said the news does not put WhatsApp user in danger, even if it seems to contradict the company’s stance on privacy, but many messaging apps do the same.

Richard Parris, CEO at security firm Intercede, told Mail Online: In the connected world, we can never be absolutely sure our personal information can’t be read by others.

And While WhatsApp has actually gone to some lengths to protect consumers, there appears to be a hole in the net.

Consumers need to have control over their own content, be it a photo, text, email or video. The most effective way to do this is by giving users digital rights management for their own content.

Leave a reply