Instagram DMs are changing today. Here is what users need to know

Dubai: Instagram users will lose access to end-to-end encrypted direct messages from May 8, 2026. The change affects Instagram’s optional encrypted direct message feature, which Meta introduced in December 2023. Once the feature is switched off, Instagram messages will move back to standard encryption, meaning Meta will have the technical ability to access message content when needed, including text, images, videos and voice notes.

End-to-end encryption is designed so only the sender and the receiver can read a message. The platform carrying the message cannot view the content. Standard encryption still protects messages while they move across the internet, but it does not give the same level of privacy because the service provider can access the content under certain conditions.

What changes from May 8

Users who had enabled encrypted chats on Instagram will see the feature removed after May 8. Meta has said affected users will receive instructions inside the app on how to download messages or media they want to keep.

Older versions of Instagram may need to be updated before the download option appears. Users who want to save encrypted conversations should check the app settings and follow the in-app instructions before the feature disappears.

The change does not mean Instagram direct messages become public. It means they will not carry the highest level of private messaging protection. Instagram will remain usable for casual chats, customer messages, creator interactions and day-to-day conversations, but it will not be the better option for users who need strong privacy protection.

Why Meta is making the move

Meta’s official explanation is low usage. A spokesperson told The Guardian in March, “Very few people were opting in to end-to-end encrypted messaging in DMs, so we're removing this option from Instagram in the coming months.”

The company is directing users who want encrypted messaging to WhatsApp, where end-to-end encryption remains the default across messages and calls. WhatsApp is owned by Meta, but its privacy model is built around default encryption in a way Instagram’s direct messages were not.

The Instagram feature was optional, not default. It was also limited by region and settings visibility, which meant many users may never have known it existed. Privacy campaigners argue that low take-up of an optional feature does not prove weak demand, because users often avoid features that are difficult to find or require extra steps.

Why privacy groups are worried

Privacy advocates see the decision as a reversal from Meta’s earlier privacy pledge. In 2019, the company said “the future is private” and set out plans to expand encrypted messaging across its platforms.

Messenger completed its rollout in 2023, while Instagram only offered the feature as an option. Meta has now dropped plans to expand it more widely on Instagram.

The concern among privacy groups is simple. Once a platform can technically read message content, it can also scan, review or hand over that content in response to legal demands. Meta has not said it plans to use Instagram direct messages to train artificial intelligence models, and Instagram has previously said DMs are not used to train AI. The removal of end-to-end encryption still changes the level of technical protection available to users.

Why child safety groups support the decision

The move has been welcomed by some child safety campaigners and law enforcement groups, which have long argued that end-to-end encryption makes it harder to detect grooming, abuse material and harmful content shared through private messages.

Governments in the US, UK, EU and Australia have spent years pressing social media companies to do more to detect child sexual abuse material and online harassment. Platforms that cannot read message content face limits on what they can scan or remove before harm spreads.

The timing has also drawn attention because the change comes shortly before the Take It Down Act comes into force in the United States on May 19, 2026. The law requires platforms to remove non-consensual intimate imagery, including AI-generated deepfakes, within 48 hours of receiving a takedown notice. Meta has not publicly linked the Instagram encryption decision to that law.

What users should do now

Instagram users who have encrypted DMs enabled should open the app, check whether any in-app notice has appeared and download conversations or shared media they want to keep. Updating the app first may be necessary for some accounts.

Users who need stronger privacy for sensitive conversations should move those chats to WhatsApp or Signal. WhatsApp remains end-to-end encrypted by default and is still part of Meta’s app ecosystem. Signal is independently operated, open-source and widely used by people who prioritise privacy.

The change means users should treat DMs differently from May 8. Sensitive documents, private images, financial details and personal discussions are better kept on platforms where end-to-end encryption is switched on by default.

- With inputs from agencies.