Meta Removes End-to-End Encryption for Instagram Direct Messages
Meta said it will discontinue Instagram’s optional end-to-end encrypted direct messages on May 8, 2026, ending a feature introduced in 2023 after reporting that few users enabled it. After the cutoff, Instagram DMs will rely on standard transport encryption instead of end-to-end encryption, allowing message content to be decrypted on Meta’s servers. Users with existing encrypted threads are being notified to save or export content they want to keep before the feature is turned off, and Meta has pointed privacy-conscious users toward WhatsApp for encrypted messaging.
The change has triggered criticism from privacy advocates, who warn that server-readable messages expand the risk surface for breaches, internal access, moderation scanning, and legal disclosure. Reports also say the move could make private message content more available for automated processing and other internal uses, though Meta’s public rationale focused on low adoption and operational needs rather than explicitly confirming advertising or AI training. The decision also contrasts with earlier public commitments by Meta leadership favoring broader deployment of private, encrypted communications.
Timeline
May 8, 2026
Instagram encrypted DM support scheduled to end
On May 8, 2026, Instagram's optional end-to-end encrypted direct messages are set to stop working, after which DMs will use standard transport encryption instead of end-to-end encryption. This means message contents can be decrypted on Meta's servers for functions such as moderation and compliance.
May 5, 2026
Meta begins notifying users to export encrypted chat data
Ahead of the cutoff, Meta started prompting affected Instagram users to export or save content from encrypted chat threads before the feature is shut down. These notices were tied to the impending removal of encrypted DM support.
May 5, 2026
Meta announces end of Instagram encrypted DMs for May 8
Meta announced that Instagram will discontinue its optional end-to-end encrypted direct message feature on May 8, 2026, citing very low user adoption. The company also pointed privacy-focused users toward WhatsApp for end-to-end encrypted messaging.
Mar 1, 2026
Meta signals Instagram encrypted DM feature will be removed
Meta indicated on a help page in March 2026 that Instagram's optional end-to-end encrypted direct messages would be discontinued. The notice also said users with encrypted threads would receive prompts about saving content they wanted to keep.
Jan 1, 2023
Instagram introduces opt-in encrypted direct messages
Meta initially launched optional end-to-end encryption for Instagram direct messages, making encrypted chats available as an opt-in feature rather than the default. Later reporting said adoption remained very low.
Mar 1, 2019
Meta advocates broader private messaging encryption
Mark Zuckerberg publicly argued for stronger encryption across Meta's messaging platforms, framing private communications as an important direction for the company. This serves as an earlier baseline before Instagram later reversed course on encrypted DMs.
See the full picture in Mallory
Mallory subscribers get deeper analysis on every story, including:
Who’s affected and how
Deep-dive technical analysis
Actionable next steps for your team
IPs, domains, hashes, and more
Ask questions and take action on every story
Filter by topic, classification, timeframe
Get matching stories delivered automatically
Related Entities
Organizations
Sources
Related Stories
Meta Ends End-to-End Encrypted Chats on Instagram DMs
**Meta** said it will discontinue **end-to-end encryption (E2EE)** for Instagram direct messages after **May 8, 2026**, reversing an earlier privacy push that began with testing in 2021 and a limited rollout in 2023. The feature was never enabled by default, remained available only in some regions, and Meta said adoption was low. Users with affected encrypted chats are being told to download messages and shared media before the cutoff, and some may need to update the Instagram app to export that data. The change means Instagram DMs that had been protected by E2EE will revert to a standard format accessible to Meta for moderation and other internal purposes. Reporting also notes broader tension around encrypted messaging: privacy advocates and researchers criticized the rollback as a retreat from user privacy, while child-safety and law-enforcement voices have long argued that E2EE can hinder detection of **CSAM**, terrorist content, and other abuse. The move follows years of debate inside and outside Meta over whether stronger message privacy should outweigh platform safety and compliance concerns.
1 months ago
Meta Expands AI-Driven Anti-Scam Protections Across Facebook, Messenger, and WhatsApp
Meta announced expanded anti-scam measures across **Facebook**, **Messenger**, and **WhatsApp**, emphasizing AI-driven detection of impersonation, deceptive links, and other fraud patterns, alongside new user-facing warnings intended to interrupt scams earlier in the interaction. Updates include Facebook alerts for suspicious friend requests, WhatsApp warnings for potentially fraudulent device-linking attempts (e.g., QR-code based linking), and Messenger prompts that can offer an AI scam review of recent chat content; Meta also said it is expanding advertiser verification to reduce identity misrepresentation in ads. Separately, Meta described enforcement at scale, reporting the removal of **159 million scam ads in 2025** and **10.9 million** Facebook/Instagram accounts tied to criminal scam centers, amid ongoing scrutiny from US lawmakers and reporting that has questioned the platform’s financial incentives to police fraudulent advertising. Meta also highlighted collaboration with law enforcement targeting “industrialized” scam operations, including actions tied to Southeast Asian scam compounds that resulted in **21 arrests** and the disabling of **150,000+ accounts**, as well as broader efforts to counter “pig-butchering”-style investment fraud. Complementing these initiatives, Meta detailed a privacy-preserving *Messenger* capability—**Advanced Browsing Protection (ABP)**—that warns users about potentially malicious websites opened from encrypted chats by using cryptographic/private-information-retrieval techniques to check links against large blocklists without revealing message contents to Meta. In parallel reporting on the scam ecosystem, researchers described a large network of **paid Meta ad** campaigns using fake media brands and impersonated public figures to push investment scams across dozens of countries, underscoring the continued role of malvertising and disinformation-for-profit tactics in driving victim acquisition.
1 months ago
Meta Expands Safety and Enforcement Measures Across Facebook and Instagram
Meta disclosed a set of new **platform safety and enforcement actions** aimed at reducing harm and abuse on its services. The company filed multiple lawsuits against alleged scam-ad operators in **Brazil, China, Vietnam** and elsewhere, describing tactics including **deepfakes/celebrity impersonation**, “celeb-bait” investment lures, and **cloaking** used to evade ad review; Meta said it also took technical steps such as disabling accounts, suspending scam-linked payment methods, and blocking associated domains, and shared information with industry partners to help them block the same actors. Separately, Meta announced new **Instagram parental-supervision alerts** that notify parents when a teen repeatedly searches for **self-harm or suicide-related terms** within a short time window (initially for supervised accounts in the **U.S., U.K., Australia, and Canada**), and said it is developing similar notifications for teens’ **AI-related conversations** about self-harm. In parallel regulatory developments, EU lawmakers advanced a non-binding opinion supporting **privacy-friendly age verification** and proposing restrictions that would require **parental consent for under-16s** and bar access for children under 13, positioning these measures for potential inclusion in a future **Digital Fairness Act** focused on child protection online, targeted advertising, and addictive design patterns.
1 months ago