Meta has confirmed it will permanently remove end-to-end encryption (E2EE) support from Instagram direct messages, with the feature officially shutting down after May 8, 2026.
The announcement, quietly posted on Instagram’s Help Center support page, marks a significant reversal from Meta’s earlier commitment to privacy-focused messaging across its platforms.
Instagram’s E2EE feature was never widely deployed. First tested in 2021 as part of CEO Mark Zuckerberg’s stated “privacy-focused vision for social networking,” it was formally rolled out in late 2023, but only as an opt-in option and only in select regions — never as a platform-wide default.
A Meta spokesperson cited low adoption as the primary reason for the rollback: “Very few people were opting in to end-to-end encrypted messaging in DMs, so we’re removing this option from Instagram in the coming months.”
When enabled, E2EE ensured that only the two participants in a conversation could read messages or listen to calls — shielding content from government authorities, law enforcement, and Meta itself.
Once the feature is retired, Instagram messages will revert to standard format, technically accessible to Meta for content moderation or other internal purposes.
What Happens to Existing Encrypted Chats
Users currently using encrypted chats will receive in-app notifications prompting them to download their messages and any shared media before the May 8 deadline.
Meta has not publicly clarified whether encrypted chats will be permanently deleted after the cutoff date, leaving users who relied on the feature for sensitive communications in uncertainty. Users on older versions of Instagram may also need to update the app to access and export affected chats before they are removed.
The decision has drawn sharp criticism from the security research community. Matthew Green, a cryptographer and professor at Johns Hopkins University, publicly flagged the move as a sign that “Meta appears to be reversing its strong stance on encryption”.
Critics have also pointed to the timing amid growing industry and legislative pressure around age verification and child safety laws, as raising uncomfortable questions about Meta’s broader privacy commitments.
Some researchers have also speculated that removing E2EE could enable Meta to implement content scanning capabilities or support AI training pipelines on message data.
Meta has directed privacy-conscious users toward WhatsApp, where E2EE is enabled by default for all messages and calls. Unlike Instagram, WhatsApp’s encryption architecture has remained intact and is not subject to the current policy change.
Facebook Messenger also retains E2EE for personal one-on-one chats, though it remains disabled for group and business communications.
The Instagram E2EE removal underscores a growing tension in the tech industry between user privacy and platform-level content oversight — a debate unlikely to be resolved as regulatory pressures continue to mount globally.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
