Click to Chat lets users create URL links or QR codes that others can use to reach them through WhatsApp, without needing to know their phone number or have them on a contacts list. It’s an extremely convenient feature, especially for anyone who uses WhatsApp for business communication, but it makes your phone number publicly searchable on Google.
There’s some debate over whether this is intentional or a bug. Google’s algorithm pulls the phone number from the Click to Chat link’s metadata, which is then saved to Google Search Index. Security researchers have labeled this a “leak,” while Facebook, WhatsApp, and Google all gave statements to Threat Post saying it’s expected behavior.
It doesn’t really matter if this is part of the feature or an unexpected side effect; the problem is many WhatsApp users were unaware that using Click to Chat would add their phone number to Google’s search index. There’s a reason people try to keep their personal phone numbers off the internet: It’s a potential security risk and makes spam calls more likely.
Security researchers have offered suggestions to all three companies that could help keep WhatsApp phone numbers safely out of Google’s search results, but none of these changes have been implemented—and it’s possible they never will be.
For now, don’t use Click to Chat if you want to keep your WhatsApp phone number off of Google’s Search Index. If you were already using Click to Chat, delete any Click to Chat links from publicly accessible websites. Alternately, you can look into using a service like Google Voice with WhatsApp if you want to continue using Click to Chat without compromising your personal phone number.