Meta has announced that end-to-end encryption will be removed from Instagram direct messages effective May 8, 2026. The news, buried in help page updates rather than announced through official channels, closes a chapter in what has been a turbulent and controversial privacy journey for the platform. It also revives uncomfortable questions about whether Meta ever fully intended to make encryption a lasting feature.
Mark Zuckerberg first declared in 2019 that Meta would pursue a privacy-first messaging strategy, with encryption as its cornerstone. Years of delays followed, with law enforcement agencies around the world — including the FBI, Interpol, and national crime agencies in the UK and Australia — pushing back aggressively. When encryption finally arrived on Instagram in 2023, it was opt-in only, rather than the default that privacy advocates had hoped for.
Now, Meta is pointing to that same opt-in structure as evidence that the feature wasn’t wanted. The company says low adoption rates justify its removal. Critics find this argument circular and disingenuous, noting that opting in requires deliberate action that most users never take regardless of their preferences, and that the design itself was never conducive to widespread use.
The timing of the decision has led to speculation about what Meta gains from the reversal. Without encryption, Meta has unfettered access to the content of Instagram DMs — data that holds significant commercial value for targeted advertising and AI model training. Whether or not Meta acts on this immediately, the capability is now available in a way it was not before.
Tom Sulston of Digital Rights Watch framed the reversal as a form of platform degradation and called on Meta to invest in better safety measures rather than dismantling privacy features. As the May 2026 deadline approaches, the decision stands as a reminder of how fragile digital privacy protections can be when they are not backed by law or genuine corporate commitment.