Without a major announcement or press briefing, Meta has fundamentally changed how Instagram treats your private messages. From May 8, 2026, end-to-end encryption for direct messages on the platform will be discontinued, meaning Meta can technically access the content of all Instagram DMs. The company confirmed this through updates to its help documentation and an edited historical post, but many users remain unaware of the change.
The context matters here. Meta CEO Mark Zuckerberg made a public pledge in 2019 to build encrypted messaging across all of the company’s platforms, framing it as part of a broader commitment to user privacy. Delivering on that promise took years and faced resistance from government agencies and law enforcement around the world. When encryption finally reached Instagram in 2023, it was not the default — it required users to actively choose it, a design that predictably limited its uptake.
Now Meta is citing that limited uptake as the reason for removing the feature. The company’s spokesperson said that very few Instagram users opted in, making the feature’s continuation unnecessary. WhatsApp, which encrypts messages by default, is being offered as the alternative for privacy-conscious users within the Meta ecosystem.
The decision has raised eyebrows across the privacy community. Critics note that Meta has effectively set up a scenario where a privacy feature was designed to underperform and is now being removed because it underperformed. They also highlight the commercial opportunity the reversal creates: without encryption, private message data is accessible to Meta and can be used for advertising and AI development.
Whether or not Meta exercises that opportunity, the privacy landscape on Instagram has changed. Users who assumed their private messages were protected now know that is no longer the case. The decision to keep using Instagram DMs for sensitive conversations — or to take those conversations elsewhere — is one that many users will need to make in the coming weeks.