Your Instagram Conversations Won’t Be so Private Anymore.
Before you send your next direct message on Instagram, keep in mind: anything you share with that friend, influencer, or company can potentially be seen by anyone—including, but not limited to, hackers, law enforcement, or even Meta itself. As of today, May 8, 2026, direct messages on Instagram are no longer protected by end-to-end encryption (E2EE). Your messages are vulnerable, whether you’re discussing something you saw or sharing your Social Security number. (Please don’t do that.)
End-to-end encryption (E2EE) is essential for any messaging app that seeks to protect its users’ privacy. This level of encryption ensures that only those with access to the devices involved can read the contents of your conversations. When sending a message using the E2EE protocol, the program encrypts, or “scrambles,” it. Each device contains a “key” to decrypt, or “decrypt,” the message. If you try to intercept the message without the key, you’ll see nothing but a jumbled mess of code. Even Meta couldn’t previously read your encrypted Instagram direct messages, making this change extremely frustrating.
Why is Meta removing end-to-end encryption (E2EE) support on Instagram?
It’s unclear why Meta is taking such a drastic step. In fact, the company hasn’t publicly announced it yet, despite the changes taking effect today. Instead, back in March , Meta quietly updated Instagram’s help page to indicate the new policy: “Encrypted messages on Instagram will no longer be supported after May 8, 2026.” Meta advised users to download potentially affected chats, and that doing so may require an Instagram update. However, beyond this, the company has remained silent on the policy change.
Moreover, Instagram has been campaigning for the past seven years to implement end-to-end encryption (E2EE) across all of its major messaging platforms. WhatsApp has always offered encrypted messages, but the company has also implemented E2EE on Instagram and Facebook Messenger. E2EE has its critics, including those who argue that the technology makes it difficult to protect children on the platform. Meta has a poor track record of targeting underage users on its platforms , so it may be feeling pressure to change that. But while eliminating E2EE does make it easier to track minors on Instagram, it’s now also easier to track any user’s messages. Governments and law enforcement agencies will likely welcome this change, but those who care about user privacy will not.
Should I stop using direct messages on Instagram?
If you’re a staunch privacy advocate, then of course you’ll no longer want to use Instagram for messaging. (In fact, you might want to avoid Meta apps as much as possible.) But Instagram is far from the only insecure messaging platform. If you have an iPhone and message Android users (or vice versa), your messages aren’t encrypted (at least until Apple starts supporting RCS E2EE in iOS 26.5 ); if you use Telegram without “secret chats,” your messages aren’t protected by E2EE; if you use Group Me, Discord, Google Chat, or any other popular messaging app, your conversations aren’t completely private.
This doesn’t mean you should stop using these apps, but you should understand the privacy and security implications. Without end-to-end encryption (E2EE), your conversations are accessible to the company hosting the app and could be accessed by anyone who requests your data or obtains it by force. Therefore, don’t rely on Instagram private messages for anything sensitive. Don’t share information you wouldn’t want to discuss publicly or that you wouldn’t want Instagram (or a hacker) to see. This could include financial information, corporate secrets, Social Security numbers, etc.
For now, Instagram’s best private messages are a place to discuss Instagram. “Here’s a funny video I found”; “Look at this picture”; “Have you seen this account?” For serious conversations, use end-to-end encrypted apps like Meta or something like iMessage or Signal.