PSA: Instagram No Longer Supports Encrypted Direct Messages

SammyGuru is reader-supported. We have affiliate and sponsored partnerships, so we may earn a commission when you buy through links on our site — at no extra cost to you. Learn more.
Private messaging apps are supposed to become more secure over time, not less. But Instagram’s now moving in the opposite direction. After introducing end-to-end encrypted messages back in 2023, Meta announced they’d be gone starting May 8, 2026.
Instagram DMs are no longer truly private with end-to-end encryption gone
As detailed on Help Center page, starting May 8, Instagram no longer supports encrypted direct messages. Back in March, we covered Meta’s decision to remove end-to-end encryption from Instagram DMs, a move that immediately raised privacy concerns for millions of users. Now, that change has officially gone live.
With end-to-end encryption disabled, Meta can now access message content in Instagram DMs for moderation and safety. That includes text conversations, photos and videos, voice messages, and shared media inside chats.
Before this change, users could optionally enable encrypted chats, meaning only the sender and receiver could read the contents of messages. That protection is now gone entirely. Meta says this is about safety, framing this decision as a measure and moderation for child safety.
What are better alternatives to Instagram?
If privacy matters, Instagram probably shouldn’t be your messaging app anymore. Apps like Signal, and even Meta’s own WhatsApp and Messenger, still offer stronger protections, especially with encryption enabled by default. What’s strange is that Meta continues to support encryption on those platforms. If it’s truly too difficult to manage safely, why does it still exist elsewhere?
I never fully trusted Instagram DMs for sensitive conversations, but removing encryption entirely still feels wrong. In 2026, as AI becomes more central, users expect more control over their data, not less. Safety and moderation matter, but removing end-to-end encryption feels like the easiest solution for Meta, not the best one for users.
















