Tobias Boelter, a University of California Berkeley cryptography researcher claims that last year he found a security flaw in WhatsApp’s encrypted smart phone messaging application. The flaw, which relates to the unique security keys exchanged between WhatsApp users, is reported to allow third parties, including governments, to intercept messages in transit.

Mr. Boelter informed Facebook, the owner of WhatsApp of this vulnerability early in 2016. To date, Facebook has made no public statements regarding the alleged flaw. News of the flaw was first made public last month. Until the flaw is addressed, Mr. Boelter discourages WhatsApp users from sending sensitive information over the application. Because so many WhatsApp users rely on the security of the messaging application, news of the flaw has raised some real concerns.

Now comes news that WhatsApp has been sued in Germany by the consumer group The Federation of German Consumer Organizations for ‘illegally” collecting users’ phone numbers and contacts and sharing them with its owner Facebook. The data was being used by Facebook for advertising purposes and for products. In November, WhatsApp agreed to suspend the practice after data protection advocates from several countries objected to it. Facebook has also agreed to suspend the use of this data. Those advocates now bring suit to demand that WhatsApp delete the collected data. WhatsApp has responded to the suit by saying its “privacy policy and terms updates comply with applicable law.”