Categories
News

Global Encryption Coalition Steering Committee Statement on Meta’s Removal of End-to-End Encryption from Instagram Direct Messages

April 8, 2026

The Center for Democracy & Technology, Global Partners Digital, the Internet Freedom Foundation, the Internet Society, and Mozilla, constituting the Steering Committee of the Global Encryption Coalition, express our serious concern regarding Meta’s announcement that it will discontinue end-to-end encryption (E2EE) for Instagram Direct Messages as of May 8, 2026. We call on Meta to reverse this decision and to implement E2EE as the default standard for all private messaging on Instagram, like it has implemented on WhatsApp, and is implementing on Messenger, its other private messaging services.

The Global Encryption Coalition was established to promote and defend encryption globally. Encryption is a foundational technology that protects the security, privacy, and fundamental rights of billions of people, including journalists, human rights defenders, survivors of abuse and domestic violence, LGBTQ+ individuals, and other everyday users who rely on the confidentiality of their communications. The Coalition’s 500+ members have consistently advocated for strong encryption and against any measures that would undermine it, whether legislative proposals or product design choices.

Meta has been a leading voice for the benefits of E2EE. As Meta founder Mark Zuckerberg wrote in 2019:

I believe the future of communication will increasingly shift to private, encrypted services where people can be confident what they say to each other stays secure and their messages and content won’t stick around forever. This is the future I hope we will help bring about.

Meta has offered WhatsApp with E2EE by default since 2016, and Meta has publicly defended encryption against government-mandated backdoors and client-side scanning. It is therefore deeply troubling that Meta has chosen to move in the opposite direction on Instagram, stripping away critical privacy protection from its users.

Our Concerns

Several years ago, Meta announced its decision to implement E2EE by default on Instagram direct messages, but this never rolled out. Instead, Meta made encrypted direct messages available for some users as an opt-in feature that had to be enabled in the privacy and security settings for each individual chat. Now, Meta has announced it will not even support E2EE as an optional feature. This reversal will expose millions of users to serious and concrete harms:

  • Increased surveillance. Many Instagram users rely on direct messages to discuss sensitive personal, political, or professional matters. The decision to end support for E2EE will put such users at increased risk of surveillance and interception by malicious actors, governments, and others who may seek to access their private communications. 
  • Harm to vulnerable users. Organizations working to protect survivors of domestic violence, LGBTQ+ individuals, and others in vulnerable situations have long recommended encrypted messaging platforms precisely because encryption can be a matter of personal safety. Removing E2EE removes a layer of protection that these users may not be able to replace.
  • Dangerous precedent. At a time when governments around the world are actively considering measures that would weaken or circumvent encryption, the private sector must prioritize privacy and safety in product design.
  • Low uptake is not a justification. Low uptake of an opt-in feature that is not widely advertised to users (and which users have to enable for every chat) does not constitute grounds for eliminating it. Instead, the correct policy response is to make E2EE the default. Strong privacy protections should not require repeated activation to use.

Meta Knows the Value of Encryption

Meta’s own record demonstrates that it understands why encryption matters. Meta’s flagship messaging product, WhatsApp, exists precisely because of its commitment to E2EE. In December 2023, Meta also began rolling out E2EE by default in Messenger, which required Meta to shoulder significant expense and resist governmental pressure to leave Messenger users defenseless against efforts to access their data. Meta has also advocated forcefully and publicly against government proposals to introduce traceability, backdoors or client-side scanning. The company’s policy teams and engineers have explained clearly, and correctly, that there is no way to weaken encryption for one purpose without weakening it for all. 

We acknowledge that transitioning a feature-rich platform like Instagram to end-to-end encrypted messaging by default is technically complex and resource-intensive. We understand that maintaining parallel encrypted and unencrypted architectures creates engineering challenges, and that features such as media sharing must be rebuilt to work within an encrypted environment. These are real constraints.

But complexity is not an argument for elimination. While the feature cost of E2EE may be higher for Instagram than for standalone messaging apps, removing the option altogether disproportionately harms vulnerable populations. For individuals who know they require E2EE and may not have access to another secure communications channel, this feature is not merely a settings toggle; it is a vital safeguard. A low opt-in rate for a non-default feature does not negate its inherent values, and fundamental user safety should always supersede algorithmic engagement and rich media previews. Meta has the engineering talent and resources to solve these problems. Framing this as a product prioritization decision does not diminish its impact on users: the practical effect is that hundreds of millions of people will communicate without meaningful privacy protections.

Our Call to Meta

The Steering Committee of the Global Encryption Coalition calls on Meta to:

  1. Reverse the decision to remove E2EE from Instagram Direct Messages;
  2. Commit to a timeline for implementing E2EE as the default for all messaging on Instagram; and
  3. Engage transparently with civil society and encryption advocates as it works toward that goal.

We also call on Meta to publicly reaffirm the company’s commitment to encryption across all of its private messaging products, and to make clear that this commitment extends to Instagram.

The Global Encryption Coalition exists to actively and consistently defend encryption from governmental threats, and to promote its widespread integration in consumer services. We remain committed to that mission, and we stand ready to work with Meta and other platforms to ensure that users everywhere can communicate securely and privately.

Encryption is not just “a feature.” It is fundamental to safety and the exercise of human rights. We urge Meta to act accordingly.