Meta has announced that Instagram will stop supporting end-to-end encryption (E2EE) for direct messages (DMs) after May 8, 2026. The optional feature, introduced in December 2023 on an opt-in basis for one-on-one chats in select regions, allowed users to enable encryption manually for specific conversations. Unlike WhatsApp or the default setup on Messenger, it was never rolled out platform-wide or as a default option.
Following the change, all Instagram DMs will operate without this additional layer of encryption. This means Meta will regain the ability to access message content for purposes such as content moderation, safety scanning, advertising, and compliance with legal requests. Previously, in encrypted chats, only the sender and recipient could read the messages.
Users with active encrypted chats are being prompted via in-app notifications to download their messages and media before the deadline. Those on older app versions may need to update Instagram to access the export options. Failure to do so could result in permanent loss of that chat history.
What is End-to-End Encryption?
End-to-End Encryption (E2EE) is a security method that ensures only the sender and the intended recipient can read the contents of a message. In this system, messages are encrypted on the sender’s device using special cryptographic keys, and they can only be decrypted by the recipient’s device.
Even the messaging platform, in this case, Instagram or its parent company Meta cannot access the plain text of the conversation, nor can intermediaries or third parties.
This provides strong privacy protection against unauthorized surveillance, data breaches, or platform-level scanning, though it can limit the service provider’s ability to moderate content or respond to safety issues.
On Instagram, the feature was always optional and required manual activation per chat, unlike default E2EE on apps such as WhatsApp.
Reasons Behind Meta’s Decision
A Meta spokesperson in a statement to The Verge cited low user adoption as the factor. “Very few people were opting in to end-to-end encrypted messaging in DMs, so we’re removing this option from Instagram in the coming months,” the spokesperson said. They added that users seeking E2EE can continue using WhatsApp.
The move also aligns with broader pressures for improved platform safety. Child safety advocates, law enforcement agencies, and regulators in regions including the US, UK, EU, and Australia have long argued that encryption can hinder the detection of child sexual abuse material (CSAM), grooming, scams, and other harms. By removing the optional E2EE, Instagram can more effectively deploy automated scanning tools.
Implications for Users and Privacy
Without E2EE, Instagram DMs will function more like standard social media messaging, protected in transit but accessible to the platform. This enables Meta to scan for policy violations and respond to valid legal demands from authorities. While automated systems (rather than manual human review) are typically used for moderation, the technical capability for access now applies universally.
For everyday users, this shift means greater caution with sensitive information. Freelancers, businesses, and individuals discussing confidential matters in DMs may want to move such conversations elsewhere. Casual chats remain convenient, but the sense of a fully private space diminishes.
Privacy experts and digital rights groups have expressed concerns, noting that while safety is important, widespread encryption remains a key tool for protecting users from surveillance and data exploitation. Some observers suggest commercial factors, such as improved ad targeting or AI training potential, may also play a role, though Meta has not confirmed this.
What Users Should Do Before May 8
•Export your data promptly: Check for in-app prompts and follow instructions to download messages and media from encrypted chats. Update the app if necessary.
•Review ongoing conversations: Identify any sensitive threads and migrate them to fully encrypted alternatives.
•Adopt safer practices: Use disappearing messages or restrict who can message you on Instagram for added control, but treat the platform as semi-public for important exchanges.
Recommended alternatives for private communication include WhatsApp (which remains E2EE by default), Signal, or other secure messaging apps.
This change arrives amid evolving global regulations on online safety, data protection, and platform accountability. In India, for instance, discussions around the Digital Personal Data Protection Act add another layer of relevance for the platform’s large user base.
As of early 2nd May, no further delays or reversals have been announced. Users are advised to act before the May 8 cutoff to preserve their encrypted chat histories. The development underscores the ongoing tension between privacy, safety, and platform operations in the social media landscape.
About the Author
