If the original post is true and Facebook is leaking message based data into systems that produce ads (3rd party or 1st party), they have a responsibility to diagnose and resolve the issue. Despite their responsibility to do so, they are not aligned with doing so.
Excuses like "the user did something bad" aren't productive.
A warning that the users expectations (secure communications) do not match reality (3rd party keylogged communications) seems like the minimum level of responsibility:
If WhatsApp derived information is being seen in advertisements, it is Facebook's responsibility. It is in Facebooks best (next quarters profits based) interests to not be responsible.
