At a time when people are worried about how their personal communications are being read, listened to and analysed, WhatsApp has positioned itself as the last bastion of privacy.

Facebook’s sister company recently announced it is suing the Israeli cybersecurity company NSO Group for malware attacks on its users, scoring an instant PR coup that earned them headlines in the UK and US.

“At WhatsApp, we believe people have a fundamental right to privacy and that no one else should have access to your private conversations, not even us,” said Will Cathcart, WhatsApp CEO, accusing NSO of targeting 1,400 users.

The case is being seen as a turning point in Silicon Valley’s fight against private sector firms they claim have used malware to infect customer phones and give them access to messages.

Although NSO has been damaged by claims its technology has been used by rogue governments to target human rights activists, journalists and politicians, they’re part of a regulated and flourishing multi-million pound intercept industry that sells this kind of tech to law enforcement and intelligence agencies across the world.

But before anyone feels sorry for WhatsApp, let’s consider the double standards at play. Last month WhatsApp published a statement saying it had filed a complaint in the US federal courts against NSO, drawing heavily on genuine public concerns about privacy.

“Mobile phones provide us with great utility, but turned against us they can reveal our locations and our private messages and record sensitive conversations we have with others…governments and companies need to do more to protect vulnerable groups and individuals from these attacks.”

But the same accusation could easily be levelled at WhatsApp. Last year, inspired by an interview given by the former director of GCHQ, Robert Hannigan, on the BBC’s Today programme, I examined WhatsApp terms and conditions to see exactly what happens when we click to accept. Mr Hannigan’s view is that Facebook’s primary goal is to squeeze every drop of profit from its users’ data.

“This isn’t a kind of fluffy charity providing free services,” he said, “It’s a very hardheaded international business and these big tech companies are essentially the world’s biggest global advertisers, that’s where they make their billions.”

I would go further: if we’re talking about technology that can be turned against us, then frankly WhatsApp is the world leader in information exploitation and bulk data collection. Most people, of course, don’t read the terms and conditions.

Why would we when WhatsApp’s extend to 29 pages of legalese? The first condition we, as users, agree to is that “WhatsApp works and shares information with other Facebook companies.”

This means our details are shared with dozens of other companies, all in the field of data user collection.

Another reads: “You provide us …t he phone number of WhatsApp users and other contacts in your mobile address book on a regular basis.”

In other words, this is the entirety of your business and social network, your intellectual property and that of your employers and/or employees.

This is the reason companies, corporations and governments need to be wary when permitting the use of platforms like WhatsApp – it’s all too easy to simply click away company data.

WhatsApp’s privacy policy covers “the collection, use, processing and sharing of…information to the United States and other countries globally where we have or use facilities, service providers, affiliated companies and partners … you grant WhatsApp a worldwide, non-exclusive, royalty free … licence to use, reproduce, distribute, create derivative works of, display and perform the information (including your content) you upload, submit, store, send or receive…”.

In the US, the lawsuits against Facebook over data privacy issues are piling up, which might explain why it’s working so hard to shift the debate in its favour. One, Zellmer vs Facebook, is a class action that highlights the case of Clayton Zellmer who, despite never registering for a Facebook account, says the firm has still built a facial biometric profile for him based on photos uploaded by other users.

According to the legal papers, Facebook has used advanced facial recognition technology to create and store detailed face templates from more than 1 billion users, potentially putting us at risk from identify theft if these identifiers fall into the wrong hands.

All of this hardly makes WhatsApp the protector of privacy and security. But there is another reason Facebook is keen to flex its muscles by taking on NSO. Founder Mark Zuckerberg wants to establish end-to-end encryption across all three of its apps, including Messenger and Instagram, a move which the US and the UK governments warn will allow paedophiles, terrorists and other serious criminals to conceal their activities.

The US National Center for Missing and Exploited Children have estimated that 70 per cent of the illegal content and activity would be lost with encryption. The simple fact is that all those in Silicon Valley have engineered us to agree, on a mass scale, to the bulk collection of our data. When playing the privacy card to galvanise support, Will Cathcart might start a little closer to home.

- Paul Manister is a communications security consultant.