Key outcome95.6% TOS acceptance · Cross-platform blueprint
Situation
When AI joins a private group chat, every choice has to feel human.
WhatsApp's foundational promise is end-to-end encryption: a guarantee that no one, not even Meta or WhatsApp, can access your messages. In 2026, WhatsApp introduced Meta AI as a group member to assist with planning, image creation, and group tasks.
Integrating Meta's AI assistant into a private space created an unprecedented technical and social hurdle. To fuel AI utility, models must process data, which inherently requires a trade-off with traditional privacy boundaries. We launched two parallel versions of the agent to meet different user needs:
Meta AI — The most powerful, multi-modal model. It offers image creation, editing, and voice note understanding. It's powered by Meta's cloud platform, so it requires Meta to access messages to function, effectively pausing the standard end-to-end encryption state in WhatsApp.
Encrypted Meta AI — A simplified, text-only version of Meta AI functioning within a Trusted Execution Environment (TEE), or more simply, "Private Processing," where messages are handled in a secure environment so Meta and WhatsApp cannot access the content.
The challenge
Users could only have one agent per group, but we presented both as a choice. I had to architect a system that communicated when encryption was "paused" versus when the equivalent level of privacy was maintained. My goal was to make these high-stakes technical shifts feel like clear, human choices for 2 billion users without eroding a decade of platform trust.
Task
Trust Architect — informed consent as a design system.
I was the Trust Architect and UX Strategist responsible for the end-to-end system logic and information architecture. My role was to bridge the gap between complex backend engineering and the user's mental model. I had to navigate the tension between high-utility AI value and WhatsApp's privacy-first identity, aligning the Head of WhatsApp and multiple VPs on a framework that prioritized Informed Consent as a design system — ensuring it met legal requirements while driving user adoption.
Action
Three pillars: mental model, moments of need, value-based choice.
01
Engineered the "Messaging Mental Model" framework
I created a structured hierarchy to ensure all system communication followed a consistent cognitive order. This standardized how we communicated the change in encryption state across all global surfaces, making the privacy status the anchor of every interaction.
This hierarchy became the communication blueprint across join messages, contextual disclosures, and control surfaces.
Key content principles — guardrails on tone and framing underneath the hierarchy.
02
Distributed "Moment of Need" education system
I utilized progressive disclosure to ensure users encountered security information at the exact moment of relevance.
Contextual ToS NUX
A bottom sheet surfaced when a user first encountered AI, communicating the utility value alongside legally required notice of Meta's terms and AI training.
Aligned messaging · Contextual ToS NUX · Meta AI
Aligned messaging · Contextual ToS NUX · Meta AI Encrypted
Constraint — one ToS surface, two real journeys
For the contextual ToS NUX, we needed the same terms content for people who were creating a group with Meta AI for the first time and for people who were being added to a group where Meta AI was new to them (senders and receivers). Multiple variants would have increased the chance of a Sev-1 — we might surface the wrong version at the wrong time.
Exploration · Option set · Meta AI — framings evaluated for the same disclosures (utility, capability, agency) before we aligned on direction.
Exploration · Option set · Meta AI Encrypted (TEE) — same exercise for Private Processing: how bullets bundle privacy vs capability vs web search.
Real-time system messages
I designed the logic for notifications triggered when an agent joined. These served as the primary vehicle for distinguishing the security state — explicitly stating when Meta has access to the chat (Meta AI) vs. when they do not (Meta AI Encrypted).
Aligned messaging · System messages · Meta AI
Aligned messaging · System messages · Meta AI Encrypted
Exploration · Option set · Transparency approaches comparison
Transparency surfaces
On-demand entry points for power users to explore the nuances of the AI group member's capabilities and the chat's overall security state — without cluttering the UI.
Aligned messaging · Learn more bottom sheet · Meta AI
Aligned messaging · Learn more bottom sheet · Meta AI Encrypted
03
Translated technical architecture into value-based choices
I moved away from technical jargon and positioned the two models through the lens of user-centric trade-offs. This allowed users to select an agent based on the specific needs of their group:
Model
Positioning
What it means for the group
Meta AI
The "Smartest & Fastest" choice
Maximum capability — full multi-modal tasks (images, voice notes), powered by the Meta platform.
Encrypted Meta AI
The "Most Private" choice
Privacy-first, text-only chat — Meta and WhatsApp can't access the content.
Aligned messaging · Choose version — model picker
How it comes together
UX flows
Meta AI (open)
Full flow — new group creation
Learn more — bottom sheet
Receiver-side NUX
Meta AI Encrypted (TEE)
Full flow — new group creation
Learn more — bottom sheet
Receiver-side NUX
Results
Transparency built adoption — and durable trust.
Key outcomes
95.6%
ToS acceptance rate — being radically transparent about the pausing of encryption empowered adoption rather than killing it.
79.1%
Day-14 return rate — users felt safe enough to keep the AI active in their private chat spaces.
34.6% → 42.6%
Group participation — clear trust signals allowed the AI to act as a conversational catalyst rather than a privacy inhibitor.
Blueprint
Cross-platform blueprint — my framework was adopted as the foundational blueprint for all Meta AI Encrypted environments across the Meta ecosystem.
Reflection
Designing for cognitive clarity at scale
This feature launch was a masterclass in translating high-level technical constraints into intuitive user logic. My primary contribution was the systemic architecture that categorized "Intelligence" and "Privacy" as distinct, selectable product paths. In a system as vast as WhatsApp, simplicity is a technical achievement; I ensured that whether a user was in a text-only encrypted chat or a multimodal cloud-based chat, their sense of agency remained constant.
The UX of technical translation
Modern UX design requires the practitioner to act as a translator between engineering capabilities and human expectations. By distilling "Trusted Execution Environments" into a systemized "Private Processing" framework with the simple promise that Meta and WhatsApp can't access your messages, I created a repeatable pattern that didn't just solve a one-time UI problem — it established a new UX standard for the entire Meta messaging ecosystem.
Protected work samples
Case studies are password-protected. Enter the password to continue.