If I remember correctly, Open whisper systems, makers of TextSecure app say that Whatsapp[1] uses the text secure protocol[2]. This means that chats are encrypted end to end. It doesn't seem to expose information to Alice when Bob's keys change though. So someone could coerce Whatsapp into changing the keys for Alice and Bob and MITM that way. However, if we are worried about that we should also be worried about a rogue agent just updating the binaries for Whatsapp to remove such privacy-conscious decisions.

I guess the prevailing notion (as the grand parent said) is that while Facebook couldn't give two shits about our privacy, there are people who work there who do care about privacy in general (and not just their own privacy). Of course, no Facebook employee is going to come out publicly and call Mark Zuckerberg for being a self-serving psychopathic douche bag.

[1] (owned by Facebook, I imagine the deal is complete by now)

[2] https://whispersystems.org/blog/whatsapp/

> The most recent WhatsApp Android client release includes support for the TextSecure encryption protocol, and billions of encrypted messages are being exchanged daily. The WhatsApp Android client does not yet support encrypted messaging for group chat or media messages, but we’ll be rolling out support for those next, in addition to support for more client platforms. We’ll also be surfacing options for key verification in clients as the protocol integrations are completed.

> WhatsApp runs on an incredible number of mobile platforms, so full deployment will be an incremental process as we add TextSecure protocol support into each WhatsApp client platform. We have a ways to go until all mobile platforms are fully supported, but we are moving quickly towards a world where all WhatsApp users will get end-to-end encryption by default.