Instagram Scraps Message Encryption in May 2026: KISS to Protect Reproductive Rights (EDRi)
By Rhian Farnworth with European Digital Rights (EDRi)
Meta quietly announced via the help center it is removing end-to-end encryption (E2EE) from Instagram messages on May 8, 2026. E2EE messages and calls ensure only you and the people that you're communicating with, can see or listen to your messages, and no one else can.
This change means that from May 8 2026, Meta will be able to read, scan, and analyse the content of all messages sent between all users. Meta will be able to not only read and analyse private messages, but also run ads based on their content, flag message content for policy violations, and hand over messages to law enforcement upon request.
Rewind to 2019. Mark Zuckerberg stated “The future is private”, and published a manifesto titled A Privacy-Focused Vision for Social Networking, while announcing Meta would move towards private, encrypted messages across all their platforms. Fast forward to 2026, the message is very different. E2EE on Instagram has been an opt-in service. A Meta spokesperson stated ‘Very few people were opting in to end-to-end encrypted messaging in DMs, so we're removing this option’. Meta however, declined to comment on what the numbers actually are.
For years, Meta has experienced criticism and regulatory pressure from child safety groups, and law enforcement in the UK, US, and Australia, as well as Interpol, arguing encryption hides criminal activities. The timing of May 8 is not accidental. The Take It Down Act is coming into force on May 19, requiring platforms to remove content within 48 hours of receiving removal notices. The act is designed for US law enforcement to deal with the sharing of non-consensual intimate imagery and deepfakes makes compliance challenging, as encryption stops Meta from seeing the content of E2EE messages.
Additionally this supports a wider pattern of reductions in privacy, with TikTok also announcing in March 2026 it would not implement E2EE as it ‘complicates safety teams and law enforcement investigations’. While it is not officially confirmed the implementation of the act and ending E2EE are related, the timing strongly suggests it could be a deciding factor, sending the message that US law and politics ripple out globally through Silicon Valley Big Tech.
What this means for sensitive reproductive health and rights information
When the content of (not-so) private messages is accessible to Meta and law enforcement (if requested), privacy is compromised and lost. This opens more possibilities for message content to be used in legal cases, something that Meta already demonstrated in 2022 they’re happy to do. In the wake of the Roe V Wade ruling, Facebook supplied the private messages shared between a mother and daughter on Messenger to police in Nebraska, for allegedly carrying out an illegal abortion. The messages, which discussed how to obtain abortion pills, were later used as evidence to convict the 17 year old and her mother of five charges.
Next to the risk of supplying messages to law enforcement, removing encryption also means messages can be used for profiling, targeted advertising, and become more vulnerable to data breaches. As noted, for those discussing sensitive information via Instagram messages (like abortion services, access to abortion healthcare, medical information, mental health, or other sensitive topics) this could have grave consequences as privacy and confidentiality between message-senders is retired. By removing the right to encryption and the ability to conduct secure online activities - something which is often a vital lifeline for vulnerable and marginalised communities - trust in communications is lost.
Privacy First Communications: Move to Signal
It's essential to keep your messages and personal information secure and private between the send and receiver only. We recommend using the messaging service Signal to keep chats and calls secure through their end-to-end encryption. Signal cannot read your messages or listen to your calls, and there are no ads or trackers. Signal is a privacy first, non-profit organisation supported by grants and donations, and not tied to Big Tech companies. Their free services allow you to make calls and send messages, voice notes, photos, videos, GIFs, and files. Signal uses your phone's data connection, avoiding SMS and MMS fees.
What can you do to protect reproductive privacy: Keep It Safe and Secure (KISS)
Repro Uncensored is partnering with EDRi on the Keep it Safe and Secure Campaign (KISS), advocating to keep communication systems free of unjustified intrusion and protect the right to privacy. KISS is led by leading digital rights organisations at a European and International level, represented by technologists, activists, victims of spyware, journalists, and human rights defenders, advocating for a ban on spyware and measures to protect encryption.
In democratic societies, the right to safe and secure communications is essential, enabling us to work, socialise, organise, express ourselves, and connect with each other, without surveillance. Privacy-preserving technologies are essential to communicate safely with journalists and lawyers, in medical-settings, and sustain safe communications with our communities.
Instagram’s ‘retirement’ of encryption is not unique, and follows a pattern of wider privacy infringements as attacks on privacy and encryption are happening globally. In Europe, the European Law Enforcement Agency Europol, is pushing to legalise hacking methods by ordering service providers to build vulnerabilities into technology systems, and state actors campaign for police and intelligence services to break encryption and have access to our data. These attacks will impact those most in need of reproductive health information, advice, and care, and those providing essential medical assistance.
TAKE ACTION
Sign the Ban Spyware, Protect Encryption petition today, and demand the protection of basic privacy rights.