Meta’s decision to end encryption for Instagram direct messages by May 8, 2026 raises a series of uncomfortable questions about the future of privacy on commercial social platforms. The change was confirmed through a quiet update to the company’s help pages. For those who follow digital rights, the decision is as much a symptom as it is a cause.
Encryption on Instagram was introduced in 2023 following Zuckerberg’s 2019 commitment. The opt-in feature was minimally used, but its removal still represents a rollback of privacy protections that had been in place. Meta says low uptake is the reason, but critics argue it reflects a broader failure of will.
After May 8, Meta will have access to all Instagram DMs. This expands the company’s data capabilities significantly. For users, it means the reasonable expectation of privacy in Instagram messages is now gone.
Law enforcement agencies including the FBI, Interpol, and national bodies in Australia and the UK had pushed for this change. Child safety advocates reinforced their position. Australia reportedly began deactivating the feature ahead of the global deadline.
The uncomfortable questions this raises include: Who decides what privacy features commercial platforms must maintain? What recourse do users have when protections are removed? Digital Rights Watch is among those calling for regulatory intervention to ensure that encryption cannot be quietly phased out on platforms that billions of people rely on.