Meta’s removal of end-to-end encryption from Instagram direct messages, confirmed for May 8, 2026, has generated significant commentary. But some of the most important questions about the decision have gone largely unasked. Here are the questions that should be at the center of the debate.
Encryption on Instagram was introduced in 2023 as an opt-in feature following Zuckerberg’s 2019 commitment. The removal has been framed primarily around low uptake and child safety. But deeper questions about motivation, governance, and consequence have received less attention.
Why was encryption never made the default? The opt-in design virtually guaranteed low adoption. Was this intentional? Did Meta always intend to use low uptake as justification for removal? These questions about the design of the feature have not been answered publicly.
How will Meta use the data it now has access to? The company has not published a data use policy for Instagram DM content. Without clear commitments, users have no way of knowing whether their private conversations will inform advertising, AI training, or other commercial activities.
What recourse do users have? Meta made this decision without user consultation and with minimal notice. Users who disagree with the change have limited formal options. The absence of user rights in this process is itself an important question that demands attention.
Law enforcement agencies including the FBI, Interpol, and national bodies in Australia and the UK had pushed for this change. Australia reportedly saw the feature deactivated before the global deadline. Digital Rights Watch and others are committed to pursuing answers to these unasked questions.