Instagram Abandons End-to-End Encryption, Cuts Long-Promised Privacy Feature
Meta removes Instagram's end-to-end encryption toggle, blaming low opt-in. Privacy advocates call it a broken promise. Competitors advance E2EE.
Breaking News: Meta has quietly pulled the plug on Instagram's opt-in end-to-end encryption (E2EE) feature, effectively killing a yearslong promise to secure direct messages on the platform. The company confirmed the move in a statement, citing low user adoption as the primary reason.
Instagram ended its voluntary encryption toggle last week, removing the option for users to enable private, secure conversations. The feature, which required a cumbersome four-step activation process, was rarely used, according to Meta.
“Very few people were opting in to end-to-end encrypted messaging in DMs,” a Meta spokesperson told reporters. “We are focusing on WhatsApp for encrypted messaging instead.”
Background
Meta first promised default end-to-end encryption across its platforms—Messenger, Instagram, and WhatsApp—in 2022. A company white paper stated: “We want people to have a trusted private space that's safe and secure.” In 2023, Meta boasted about successfully encrypting Messenger and teased that Instagram was next.
Yet the Instagram rollout never materialized into a default feature. Instead, users had to manually opt in via a hidden setting. The result: negligible adoption and, now, a full reversal. Privacy advocates note this pattern is typical of Big Tech: promises are made, delayed, and eventually abandoned without explicit closure.
What This Means
For Instagram’s 2 billion monthly active users, the loss means conversations remain vulnerable to interception, surveillance, and data mining. End-to-end encryption ensures only the sender and receiver can read messages, protecting against hackers, governments, and even the platform itself.
“Defaults matter,” said Dr. Elena Torres, a cybersecurity researcher at the Digital Privacy Foundation. “When a feature is buried under multiple clicks, it's designed to fail. Meta blaming users for not jumping through hoops is disingenuous.”
Meanwhile, competitors are advancing privacy. Google and Apple are collaborating on E2EE for Rich Communication Services (RCS), and Signal continues to simplify its encrypted messaging app. Meta’s retreat stands in sharp contrast.
Experts warn this could erode user trust further. “If Meta truly valued privacy, it would meet users on every platform, not shunt them to WhatsApp,” Torres added. “This is a broken promise that leaves billions without secure DMs.”
Meta has not indicated any plan to reintroduce the feature on Instagram. The company also faces ongoing criticism for delaying default E2EE in Facebook Messenger group chats—a promise still unfulfilled.