Instagram Kills End-to-End Encryption on DMs
BBC Business reported Thursday that Instagram has switched off end-to-end encryption for direct messages globally, ending a privacy feature that parent company Meta had championed for years. The move represents one of the platform’s most significant policy reversals on user privacy to date.
Meta’s Seven-Year Promise Comes Undone
End-to-end encryption, or E2EE, restricts message access exclusively to the sender and recipient. No third party, including the platform itself, can read the content. By removing it, Instagram can now access all direct message content. That includes images, videos, and voice notes sent between users.
Meta CEO Mark Zuckerberg declared in 2019 that “the future is private” and pledged to roll out E2EE across both Facebook and Instagram. The company completed that rollout on Facebook Messenger in 2023. Instagram received it only as an opt-in feature, with a default rollout planned. That plan has now been quietly abandoned.
Meta did not issue a formal announcement. Instead, it updated Instagram’s terms and conditions in March. The company later told reporters that too few users had chosen to enable the feature voluntarily.
Child Safety Groups Cheer, Privacy Advocates Push Back
The reaction has been sharply divided. The NSPCC welcomed the reversal, arguing E2EE allowed abusers to operate undetected on the platform. Charity representative Rani Govender said the technology enabled grooming and child abuse to go unseen by authorities.
Privacy group Big Brother Watch offered the opposite view. Representative Maya Thomas described the decision as disappointing. She argued E2EE protects children’s data and suggested Meta may be bowing to government pressure rather than acting on principle.
Background: A Shifting Industry Standard
E2EE has long been the direction of travel for major messaging platforms. Signal, WhatsApp, Facebook Messenger, Apple’s iMessage, and Google Messages all use it by default. Instagram’s reversal now places it alongside TikTok, which told the BBC in March it had no plans to adopt the technology.
Analysts are questioning the true motivation behind Meta’s decision. Cybersecurity expert Victoria Baines, a professor at Gresham College, noted that messaging data carries significant commercial value. She said the calculus likely involves both advertising targeting and AI model training. Meta has separately confirmed it is now collecting staff device activity for AI training purposes. Instagram has previously stated that direct messages are not used to train its AI systems.
Instagram boss Adam Mosseri declined to be interviewed on the matter.
