What if it acts normal for a vast majority of users, but a user which is secretly flagged on Facebook's back end will secretly report plaintext? Or a certain list of conditions will trigger more snooping? Network traffic works for proving that the app, right now, in this exact circumstance and time and date and location etc, probably isn't snooping on me. There's lots of sneaky ways to exfiltrate data that you wouldn't notice. Imagine encoding data through the timing of requests made or the exact ordering of simultaneous requests.
