In Summary
- Meta recently posted that it would be ending end-to-end encryption (E2EE) for direct messages (DMs) on Instagram.
- Although the brand has cited that the feature is being removed because not too many were using it, the decision raises questions about its commitment to user privacy.
- As encryption ends on Instagram, we look at the future and how users can back up the information on the network that they wish to keep from prying eyes.
Meta has decided that it will be pulling the plug on end-to-end encryption (E2EE) on Instagram DMs. A message buried in one of the support pages on Instagram said: “End-to-end encrypted messaging on Instagram will no longer be supported after 8 May 2026.” This means, post May 8, 2026, the direct messages on Instagram that one sends to friends, family, and peers will be accessible to Meta.
For those who might not know, end-to-end encryption (E2EE) is a feature that ensures that only the sender and the receiver can read the messages shared between the two. No one else, including the platform, the parent company, or even the government, can access the data shared between two people over encrypted messages. Well, that era seems set to end, as our lives with Meta enter a new, less private phase.
With great power and popularity comes great responsibility…not?
Ever since Facebook came into existence almost twenty years ago, we have shared much of our private and social lives with one tech brand– Meta. After starting as a humble (but problematic) platform, Facebook became a global phenomenon in no time, being the social network where millions communicated and shared information with each other. Its importance grew even greater when it acquired Instagram and then WhatsApp, becoming an integral part of the online lives of billions of people.
“With great power comes great responsibility”, Uncle Ben very famously said to Peter Parker in Spider-Man, but either Facebook boss Zuckerberg lacked an Uncle Ben-like figure in his life, or he ignored him altogether. Because a lot of the decisions taken by Meta (the name given to Facebook’s parent company in 2021) did not quite seem to indicate great concern for its users, let alone great responsibility.
Meta and encryption: an on and off relationship
The past decade has seen Meta walking a tightrope with matters of encryption. It was first introduced on WhatsApp in 2016, and since then has had an “on again, off again” relationship with encryption on other platforms. It was introduced on Facebook Messenger but then rolled back. In 2023, Meta introduced E2EE on Instagram DMs, in what seemed like a move towards making Instagram a social media platform with some element of privacy. Interestingly, the feature was never made available to all its users – Meta only offered E2EE to audiences in specific regions.
Come May 8, that privilege will be taken away from them as well.
In a statement, one of Instagram’s officials mentioned that they are deactivating end-to-end encryption as “Very few people were opting in to end-to-end encrypted messaging in DMs, so we’re removing this option from Instagram in the coming months”. The low adoption rate might be the official reason behind pulling the plug on the feature, but many believe this is actually a move to let Meta access private user data.
The Privacy vs Security debate
Many people have been saying that the move, intrusive as it may sound, might actually end up making the platform a bit safer. They point out that without strict encryption, it becomes easier to flag illegal behavior, child predators, grooming, child sexual exploitation, and fraud. When Instagram first began rolling out E2EE, there were protests around the globe from many child safety organisations, as they felt that the move would make it easier for predators to reach out to vulnerable children. In 2024, the attorney general of New Mexico filed a motion to ban the feature for minors using Instagram. Without E2EE in the middle, Meta will be able to share the details of a shared chat between two people with the authorities when necessary.
While most will agree that security trumps (pun unintended) privacy, many are pointing out that in the guise of safety, Meta’s move is actually likely to cause more harm than good. For a while now, encryption has been hailed as the protective shield against hacking and unwanted surveillance. With E2EE out of the picture, your DMs will be more prone to breaches. This may prove to be a massive problem for journalists, activists, or those who have been connected with a network online to fight social injustice or discuss sensitive issues. With E2EE gone, it will not just be easier to spot criminal activity, but also whistleblowers.
Another downside would be more ads and more specific ads. With private conversations losing encryption, Meta would be able to show users more ads and ads targeted specifically at certain users. For example, if you tell your friend in DMs that you want to buy a striped shirt, Meta would be very easily able to pick out these keywords and then flood you with ads for striped shirts. Finally, our chats might also be used to train AI models. As we know, AI models rely on data to get better and more human-like in nature, and in this case, the DMs between users are basically a jackpot. Although Meta might not use specific chats to do so, it is likely that overall data will be used.
In this regard, Instagram will become like other major platforms like TikTok, which also do not offer end-to-end encryption. X does have some encryption features in place, but even that is not turned on by default, like it is on WhatsApp.
Why so hush-hush, Meta?
The fact that this very important, almost life-changing news, comes from Meta so casually also raises some questions. While Meta claims that it will notify those using this feature about the end of the E2EE era, for now, it is simply a two-line announcement on some “Help” page on Instagram, buried under many other pages. Given the size of the brand and its user base, Meta could have easily notified users in a more public way and could have made people aware that this is a feature they are taking away. But, alas, Meta has chosen to be shady about this as well. And that is not very reassuring, especially when its supporters claim that the move was made for all the right reasons and not to compromise user privacy.
Back up your Insta info – this is how!
So what can Instagram users do? Well, if you have any sensitive data shared on Instagram DMs, you can save them by following these steps (these are on iOS, but Android is broadly similar):
- Log in to your Instagram account
- Go to your profile, then tap the small hamburger icon on the top right of the screen.
- This will take you to some settings options, tap on Account Centre.
- Now select “Your information and permissions”.
- Tap on the “Export your information” tab
Once here, you will need to put in your login details. You can then choose the profile you want to export details of (you can choose Facebook and/or Instagram), and also select where you want to export the information – it could be a storage device or an online storage service.
This done, one could perhaps follow the advice that Instagram itself has been giving – move to WhatsApp. Yes, Instagram officials have mentioned that those who want more privacy can converse on WhatsApp, which is (still) end-to-end encrypted by default. As Instagram becomes just another social media platform where one creates and consumes content, with no scope for actual conversations, perhaps that is not a bad idea.
