Does Facebook always detail their tracking and analytics platform updates? In any case, my point is that it doesn't need to be malicious for FB to invalidate the privacy expectations that users of encrypted messaging might have.

If it was malicious, they already control the client code and therefore have access to the plaintext anyway.