Instagram Ends End-to-End Encryption for Direct Messages, Reversing Privacy Stance
Instagram users can no longer send ultra-private direct messages, as the platform discontinues its end-to-end encryption (E2EE) feature. This represents a significant reversal by parent company Meta, which had previously promoted E2EE as a cornerstone of user privacy.
E2EE is recognised as the most secure form of online communication, ensuring only the sender and recipient can view messages. However, it has faced opposition from campaigners who argue it facilitates the dissemination of extreme content beyond regulatory oversight.
The decision has garnered approval from groups, including children's charities, who cite potential risks to children online. Conversely, privacy advocates have condemned the move, viewing it as a detriment to user data protection.
By removing E2EE, Instagram now possesses the capability to access all direct message content, encompassing images, videos, and voice notes. Meta had previously committed in 2019 to implement this technology across Facebook and Instagram messaging, stating, "the future is private." While Facebook Messenger completed its E2EE rollout in 2023, Instagram’s optional feature was intended to become a default standard. After seven years, Meta has opted against wider deployment on Instagram, which will now revert to standard encryption—a system prevalent in services like Gmail, allowing internet service providers access to private material if deemed necessary.
Child protection organisations, such as the NSPCC, have expressed satisfaction with the change. Rani Govender from the charity stated that E2EE "can allow perpetrators to evade detection, enabling the grooming and abuse of children to go unseen."
Conversely, Maya Thomas of Big Brother Watch expressed "disappointment," suggesting that E2EE is a crucial method for children to secure their online data and that Meta may be acceding to government pressure.
Meta did not publicly announce the decision to abandon its Instagram E2EE plans. Instead, the company quietly updated the app's terms and conditions in March, informing users that "End-to-end encrypted messaging on Instagram will no longer be supported after 8 May 2026." Meta attributed the decision to low user uptake of the optional feature, a claim analysts dispute, noting that optional features frequently experience low engagement due to added user friction.
Cyber security expert Victoria Baines, Professor of IT at Gresham College, posits that the decision reflects a shift in Meta’s approach to privacy. She observed, "Social media platforms monetise our communications—our posts, likes and messages—so they can serve targeted advertising. And increasingly, companies like Meta are focusing on training AI models, for which messaging data can be extremely valuable. I think the decision is more complex." Instagram had previously denied using direct messages for AI training. The company declined further comment on its policy reversal.
