Meta Reverses Instagram Encryption Policy, Halting End-to-End Private Messaging Feature
Instagram users can no longer send ultra-private direct messages, as Meta has disabled the platform's end-to-end encryption (E2EE) feature globally. This represents a significant policy shift by the parent company, which had previously promoted E2EE as the paramount standard for user privacy.
E2EE is the most secure form of online communication, ensuring that only the sender and recipient can access messages. However, it has faced opposition from some campaigners who argue it facilitates the dissemination of illicit content beyond the purview of law enforcement.
Consequently, groups such as children's charities have endorsed Meta's decision, whilst privacy advocates have condemned it. The removal of E2EE means Instagram will now have access to all content within direct messages, including images, videos, and voice notes.
In 2019, Meta had committed to integrating E2EE across Facebook and Instagram messaging, asserting that "the future is private." The company completed its rollout for Facebook Messenger in 2023 and subsequently made the feature optional on Instagram, with intentions to implement it as a default. However, after seven years, Meta has opted against a broader deployment on Instagram, which will now revert to standard encryption. Standard encryption allows internet service providers to access private material if necessary, a system common to many major online services.
Child protection organisations, including the NSPCC, have welcomed the decision, citing concerns that E2EE could expose children to risk. Rani Govender of the NSPCC stated the charity was "really pleased," noting that E2EE "can allow perpetrators to evade detection, enabling the grooming and abuse of children to go unseen."
Conversely, privacy campaigners view the move as a retrograde step. Maya Thomas of Big Brother Watch expressed "disappointment," highlighting E2EE as "one of the key ways children can keep their data safe online," and suggesting Meta may be capitulating to governmental pressure.
Meta did not publicly announce its decision to abandon the Instagram rollout; instead, it quietly updated the app's terms and conditions in March. The updated terms indicated, "End-to-end encrypted messaging on Instagram will no longer be supported after 8 May 2026." Meta informed reporters that the decision was due to low user adoption of the optional feature, a common issue for opt-in functionalities.
Some analysts, including cybersecurity expert Victoria Baines, Professor of IT at Gresham College, believe the decision reflects a shift in Meta's approach to privacy. "Social media platforms monetise our communications—our posts, likes, and messages—so they can serve targeted advertising," she observed. "And increasingly, companies like Meta are focusing on training AI models, for which messaging data can be extremely valuable."
Instagram had previously stated that direct messages were not used for AI model training. The company declined further comment on its policy reversal, and Instagram head Adam Mosseri declined to be interviewed. Last month, Meta informed staff that their activity on work devices would be collected for AI model training. Campaigners like Big Brother Watch suggest Meta's decision could influence the broader social media industry, potentially slowing the wider adoption of E2EE, limiting it largely to dedicated messaging applications.
