As of today, Friday 8 May 2026, the end-to-end encryption feature that protected private messages on Instagram is gone. Meta has removed it from the platform globally — quietly, with no press release, no blog post, and no in-app announcement beyond a buried line in the March update to Instagram's terms of service. The only warning users received was this sentence, slipped into the legal fine print two months ago: "End-to-end encrypted messaging on Instagram will no longer be supported after 8 May 2026."

Today, that sentence became the product. Every Instagram DM sent, received, or stored from this point forward can be accessed by Meta — and, subject to the usual legal process, by governments, law enforcement, and anyone else who serves a valid request.

How we got here

The irony is hard to miss. In 2019, Mark Zuckerberg personally staked Meta's reputation on exactly the opposite posture, publishing a now-famous essay titled "A Privacy-Focused Vision for Social Networking" in which he committed the company to rolling out end-to-end encryption across every private messaging surface — WhatsApp, Messenger, and Instagram. "Your private communications should be secure," he wrote. The Facebook Messenger rollout was completed in 2023. Instagram's was made optional, then delayed, and now killed.

Meta told reporters this week the decision was driven by low opt-in rates: not enough Instagram users were enabling the feature to justify continued engineering investment. That is, as many analysts pointed out, a circular argument — the feature was opt-in precisely because Meta never made it default, and opt-in features always underperform.

Who's celebrating

Child-safety groups. The NSPCC's Rani Govender told the BBC the charity was "really pleased," arguing that E2EE "can allow perpetrators to evade detection, enabling the grooming and abuse of children to go unseen." Several US and UK police bodies had pushed against the rollout for years on the same grounds. Meta's internal trust-and-safety leadership, which has been under continuous political pressure since the 2023 Online Safety Act in the UK and similar legislation advancing in Brussels and Washington, will also breathe easier.

Who's furious

Privacy advocates. Big Brother Watch's Maya Thomas called the move "disappointing" and said the group feared Meta was "caving to government pressure." Professor Victoria Baines at Gresham College told the BBC the reversal reflected a broader shift in Meta's stance toward privacy, noting bluntly: "Social-media platforms monetise our communications — our posts, likes, and now our messages."

The monetisation angle is the one privacy researchers keep returning to. Without E2EE, Instagram DMs become structured data that Meta's ad-targeting models can, at least in principle, read. Meta has said it will not use DM content for ad targeting; the company also said it would not use WhatsApp metadata for Facebook targeting, and then updated that policy in 2021.

What users can do

Inside Instagram, affected users will see instructions on how to export media and messages they want to keep. After that, the options are: move sensitive conversations to Signal or WhatsApp (which still offers default E2EE), accept the new privacy posture, or stop DMing on Instagram altogether.

Our take

The quietness of today's shutdown is the point. Meta is betting that most Instagram users will not notice that a privacy feature they may never have used has been removed — and the bet is almost certainly correct. The cost is reputational, not commercial. In 2019 Zuckerberg promised his users a private future. In 2026 he delivered a more legible one.