How to Protect Your Privacy on Instagram After End-to-End Encryption Removal

Introduction

Instagram recently ended its opt-in end-to-end encryption (E2EE) feature for direct messages, a move that contradicts years of public promises from Meta. While the company claims few users opted in, the reality is that the feature was buried under a complex process. This guide will help you navigate the new privacy landscape on Instagram and take actionable steps to secure your conversations. You'll learn what happened, how to adjust your settings, and alternative tools to maintain encrypted communication.

How to Protect Your Privacy on Instagram After End-to-End Encryption Removal — Source: www.eff.org

What You Need

An Instagram account (active or dormant)
Access to your Instagram settings on mobile or desktop
A WhatsApp account (optional but recommended for true E2EE)
Basic understanding of privacy concepts
Time to review and update your security preferences (about 15 minutes)

Step-by-Step Guide

Step 1: Understand What Happened and Why It Matters

In 2022, Meta published a white paper promising default end-to-end encryption across Messenger and Instagram DMs. In 2023, they bragged about encrypting Messenger. Yet in 2024, Instagram removed the optional E2EE feature, citing low opt-in rates. This is problematic because defaults matter – when security is optional and hidden, most people won't use it. By abandoning E2EE on Instagram, Meta leaves your DMs vulnerable to interception, data scraping, and government surveillance. Recognize this as a broken promise that affects millions of users worldwide.

Step 2: Evaluate Your Current DM Privacy Status

Check whether you had E2EE enabled before it was removed. Unfortunately, the feature is gone, but review your past conversations for any lingering indicators. Go to your Instagram Settings & Activity > Privacy > Messages. You’ll see options like “Show Message Requests” and “Block Message Requests.” Note that without E2EE, Instagram can read your messages for moderation and advertising. Understanding this baseline is crucial before taking next steps.

Step 3: Use WhatsApp for Truly Encrypted Conversations

Meta owns WhatsApp, which offers default end-to-end encryption for all messages. If you want private chats, migrate contacts to WhatsApp:

Open Instagram and save the conversation history (copy text, export if possible).
Invite your Instagram contacts to chat on WhatsApp via a shared link or direct message.
On WhatsApp, verify encryption by tapping the contact name > Encryption > scan the QR code or compare 60-digit number. For group chats, go to Group Info > Encryption.

While not ideal (you’re leaving Instagram), it’s the same company’s product that actually delivers on the promise.

Step 4: Enable Other Privacy Features on Instagram

Even without E2EE, you can tighten your privacy:

Switch to a private account (Settings > Privacy > Account Privacy > toggle Private Account). This prevents strangers from seeing your posts and stories.
Turn off activity status to hide when you’re active.
Disable message requests from strangers under Privacy > Messages > “Don't receive requests”.
Regularly audit your logged-in devices and revoke any unknown sessions.
Use two-factor authentication (2FA) with an authenticator app, not SMS.

These steps don’t encrypt your messages, but they reduce exposure to unwanted parties.

Step 5: Consider Third-Party Messaging Apps with Strong Encryption

For truly secure messaging, move beyond Meta’s ecosystem. Apps like Signal (open-source, default E2EE) or Threema (paid, no phone number required) offer better privacy. To use them with Instagram contacts:

Share your Signal/Threema username or phone number via Instagram bio or a one-time message.
Encourage friends to install the app – Signal’s simplified interface makes transition easy.
Remember that both apps are independent of Meta, so your conversations remain encrypted even if Meta decides to abandon encryption elsewhere.

This is a proactive way to ensure your private chats stay truly private.

Step 6: Advocate for Better Privacy Defaults

Silence signals acceptance. Press Meta to reinstate default E2EE on Instagram by:

Leaving feedback in the app (Settings > Help > Report a Problem). Mention that you want default end-to-end encryption.
Sharing your stance on social media using hashtags like #PrivacyMatters or #DefaultEncryption.
Supporting organizations like the Electronic Frontier Foundation (EFF) that campaign for strong encryption.
Asking your contacts to do the same – collective action can shift corporate priorities.

Meta’s statement pointed to WhatsApp as a workaround, but users deserve encryption regardless of platform. Help build pressure for change.

Step 7: Stay Informed About Future Changes

Tech companies often make and break promises quietly. To keep your privacy intact:

Follow reliable tech news sources (e.g., The Verge, Wired, TechCrunch) on Instagram or RSS.
Monitor Meta’s official blog for updates on messaging privacy.
Periodically review Instagram’s privacy policy – use a service like TOS;DR for simplified summaries.
When a new feature promises encryption, test it immediately and encourage adoption among your circle.

Being proactive is the only way to avoid being caught off-guard again.

Tips for Long-Term Privacy

Default to encrypted: Choose apps that enable E2EE by default, not as an opt-in. Signal is currently the gold standard.
Separate social from private: Use Instagram for public engagement and a dedicated app like Signal for sensitive conversations.
Beware of false substitutes: Meta suggests WhatsApp, but remember it’s still owned by the same company that broke its promise – WhatsApp’s encryption is verified, but trust is eroded.
Audit your digital footprint: Delete old DMs you don't need and review which third-party apps have access to your Instagram data.
Teach others: Share this guide with friends and family. Privacy is strongest when we all participate.

The removal of E2EE on Instagram is disappointing, especially as other companies like Google and Apple collaborate on encrypted RCS. However, you can still protect your conversations. By switching to WhatsApp or better alternatives, adjusting settings, and speaking out, you reclaim some control.