Meta on Tuesday unveiled a new optional feature called โPrivate Processingโ to integrate artificial intelligence (AI) capabilities into WhatsApp, its popular end-to-end encrypted messaging app.
This initiative is part of Meta’s broader strategy to embed AI across its platforms, including Facebook, Instagram, and Messenger, to enhance user experience without compromising privacy.
โWeโre sharing an early look into Private Processing, an optional capability that enables users to initiate a request to a confidential and secure environment and use AI for processing messages where no one โ including Meta and WhatsApp โ can access them,โ Meta announced in a blog post on Tuesday.
What Is Private Processing?
Private Processing is a new confidential computing technology developed by Meta to bring AI features, like summarizing unread WhatsApp threads or getting writing suggestions, to WhatsApp while preserving the companyโs core privacy principles.
Built on a Trusted Execution Environment (TEE), the user data is processed in a manner that prevents access by Meta, WhatsApp, or any third parties. This approach ensures that AI-driven functionalities operate without compromising the confidentiality of usersโ messages.
To uphold this level of privacy and security, Private Processing is designed with three foundational requirements, which includes confidential processing, where data stays private; enforceable guarantees, which would cause the system to fail or become publicly discoverable through verifiable transparency if tampered with; and verifiable transparency, allowing users and security researchers to audit and verify its privacy and security guarantees.
Additionally, to address evolving threats, Metaโs defense-in-depth approach adds key protections to Private Processing: it ensures non-targetability, meaning attackers canโt single out individual users without attempting to compromise the entire Private Processing system; and stateless processing and forward security, which guarantees that no user data is stored after a session, preventing access to historical requests or response by the attacker.
How Private Processing Works
Private Processing enables secure AI interactions by creating a confidential cloud environment using a TTE. Hereโs a simplified overview:
- Authentication: Private Processing uses anonymous credentials to confirm that incoming requests originate from legitimate WhatsApp clients.
- Third-party routing and load balancing: It fetches HPKE encryption public keys via a third-party CDN to support Oblivious HTTP (OHTTP).
- Wire session establishment: A secure OHTTP session is created using a third-party relay that hides requester IP from Meta and WhatsApp.
- Application session establishment: A Remote Attestation + Transport Layer Security (RA-TLS) session is established between the userโs device and the TEE, verified against a third-party ledger for transparency.
- Request to Private Processing: The userโs encrypted request (e.g., message summarization request) is sent securely to the TEEโonly the device and TEE can decrypt it.
- Private Processing: AI models process the request inside a Confidential Virtual Machine (CVM), without storing any data to generate a response.
- Response from Private Processing: The processed result is returned, encrypted, and accessible only by the userโs device and the trusted serverโno data is retained after the session is completed.
With the introduction of ‘Private Processing’, Meta has taken a significant step to integrate AI into its messaging platforms responsibly.
By combining advanced AI functionalities with robust privacy measures, the tech giant seeks to enhance features while preserving WhatsApp’s trusted confidentiality.
You can check out Meta’s official engineering blog: Building Private Processing for AI tools on WhatsApp for more extensive information on ‘Private Processingโ.
