Meta’s decision to remove end-to-end encryption from Instagram direct messages, set for May 8, 2026, is being closely watched by regulators around the world. The company disclosed the change through a quiet help page update. For lawmakers and regulators focused on digital privacy, the move raises important questions about platform accountability.
Encryption on Instagram was introduced in 2023 following Zuckerberg’s 2019 commitment. The opt-in feature attracted very few users. Meta says this is why it is being removed, but regulators are paying attention to the broader implications.
After May 8, Meta will have access to all Instagram DM content. This expands the company’s data reach in ways that may attract regulatory scrutiny. Data protection authorities in Europe and elsewhere have been vocal about the need for platforms to respect user privacy.
Law enforcement had pushed for this change. The FBI, Interpol, and national agencies in Australia and the UK argued encryption was enabling crime. Australia reportedly began deactivating the feature before the global deadline. The eSafety commissioner’s office in Australia also noted that safety and encryption must be addressed together.
Privacy advocates are urging regulators to act. Digital Rights Watch argued that the quiet removal of a privacy feature by a major platform should require regulatory approval. They and others are calling for frameworks that would ensure platforms cannot unilaterally eliminate user privacy protections without transparent justification and user notification.