When you click the button, in comes a rush of satisfaction. You’ve gained newfound free space, of course, but more importantly, an unwanted piece of your digital footprint is gone, without a trail of breadcrumbs to so much as hint at its previous existence. Nothing nebulous. It’s clear cut. Gone, and gone forever.

But what happens when it isn’t so

Digital forensics and security expert Jonathan Zdziarski published research findings this week on his blog that suggest the more than 1 billion active users of WhatsApp might not actually be deleting their data when they tap the “clear all chats” button.

While encryption and privacy have been a major selling point for the popular messaging app, Zdziarski’s findings show the latest version of the app “leaves forensic trace of your chats, even after you’ve deleted, cleared, or archived them … even if you ‘Clear All Chats.’ In fact, the only way to get rid of them appears to be to delete the app entirely,” he writes.

Zdziarski made it clear that while the service itself deletes the record and doesn’t appear to be intentionally keeping user chat data on its servers, “the record itself is not being purged or erased from the database, leaving a forensic artifact that can be recovered and reconstructed back into its original form.”

So, what does it all mean for users? First, there’s no need to panic, Zdziarski says — it’s more important for people using WhatsApp to be aware of their digital footprint. He doesn’t suggest the app has some internal vulnerability making it easier for hackers to hijack your

However, it does mean that after serving a warrant on Apple, law enforcement could potentially obtain your deleted chat

It also means people with physical access to your device could create a backup with the encrypted data, and people with physical access to your computer could “copy this data from an existing, unencrypted backup, or potentially decrypt it using password breaking tools, or recover the password from your

While WhatsApp has not yet responded to a request for comment, Zdziarski further outlined in the original post how the company could mitigate the issue in future versions of the app.

“Software authors should be sensitive to forensic trace in their coding. The design choices they make when developing a secure messaging app has critical implications for journalists, political dissenters, those in countries that don’t respect free speech, and many others,” he writes. “A poor design choice could quite realistically result in innocent people — sometimes people crucial to liberty — being imprisoned.”