[fwn]

But wait, you sourced the trivial part of your claim (a law exists), but not that WhatsApp breaks E2E. The encryption part is the important part, right?

I'm no expert in the UAEs data protection law, but I did not immediately find any reference for a mandate for government backdoor access to encrypted content.

Also: compromising endpoints obviously does not require zero-day exploits. Otherwise, I'd assume, the services of the surveillance industry (Pegasus, Cellebrite, etc.) would be far more expensive.

There is probably no large conspiracy where Meta breaks E2E for a government and nobody involved ever leaks it. The more traditional threat is probably service blocking where users get pushed to less secure alternatives that the government can more easily monitor, like Russias new government messenger.