Meta Kills E2EE for Instagram DMs — Privacy Theater Gets a Curtain Call

5 min read · 1 source

Clear take
├── "Platform-controlled encryption is inherently fragile — E2EE is a policy toggle, not a user right"
│  ├── top10.dev editorial (top10.dev)

The editorial argues that Meta spent years building E2EE infrastructure only to disable it, proving that when encryption keys live on someone else's infrastructure, 'encryption by default' can be reversed at any time. The speed and completeness of the reversal underscores that users never truly controlled their own privacy on Instagram.

│  └── @tcp_handshaker (Hacker News, 237 pts)

Submitted the story, which garnered 237 points and 150 comments. The discussion reflects genuine alarm in the developer community, not because the reversal was surprising, but because it demonstrated how quickly a platform can unwind encryption commitments once priorities shift.

├── "Regulatory pressure makes E2EE untenable for major platforms — market access will always win"
│  └── top10.dev editorial (top10.dev)

The editorial identifies the UK Online Safety Act, EU regulations, and Australian government pressure as the proximate cause, noting these laws effectively make platforms liable for content they cannot inspect. When forced to choose between maintaining E2EE and operating in major markets, Meta chose market access — and the editorial warns every other platform is watching this precedent.

├── "Smaller, mission-driven services like Signal would exit markets rather than compromise — scale is the real vulnerability"
│  └── top10.dev editorial (top10.dev)

The editorial contrasts Meta's capitulation with Signal's repeated public commitments to exit markets rather than weaken encryption, and Apple's 2023 threat to pull iMessage from the UK. The implication is that Meta's 2-billion-user scale and advertising business model make it uniquely unable to resist regulatory demands, whereas smaller privacy-focused services can credibly refuse.

└── "Zuckerberg's 2019 privacy manifesto was never a genuine commitment — it was strategic positioning"
  └── PCMag (PCMag)

The source article reports on the reversal in the context of Zuckerberg's 2019 manifesto titled 'A Privacy-Focused Vision for Social Networking,' which described encryption as the future of all Meta messaging. Seven years later, Instagram DMs are returning to plaintext, casting the original manifesto as aspirational branding rather than a binding architectural commitment.

What Happened

Meta has shut down end-to-end encryption for Instagram direct messages. The move reverses the company's multi-year push to bring E2EE across its messaging platforms — a project that Zuckerberg himself championed in a 2019 manifesto titled "A Privacy-Focused Vision for Social Networking." That document described encryption as the future of all Meta messaging. Seven years later, Instagram DMs are going back to plaintext.

Meta spent years and significant engineering resources building E2EE infrastructure for Instagram messaging, only to disable it — proving that platform-controlled encryption is a policy toggle, not a user right. The company had completed its rollout of default E2EE for Messenger in December 2023, and Instagram DMs were following a similar trajectory. Now that trajectory has been reversed.

The Hacker News discussion around this story (scoring 237 points) reflects genuine alarm in the developer community — not because anyone was surprised that Meta would prioritize compliance over privacy, but because the speed and completeness of the reversal underscores how fragile "encryption by default" is when the keys live on someone else's infrastructure.

Why It Matters

The proximate cause is almost certainly regulatory. Governments in the UK, EU, and Australia have been escalating pressure on platforms to provide law enforcement access to messaging content, primarily framed around child safety. The UK's Online Safety Act, which gained enforcement teeth in 2025, effectively makes platforms liable for content they can't inspect. When the choice is between maintaining E2EE and operating in major markets, Meta chose market access — and every other platform is watching.

This isn't a theoretical debate anymore. Apple threatened to pull iMessage from the UK over similar demands in 2023 but ultimately didn't have to follow through. Signal has repeatedly stated it would exit markets rather than compromise encryption. Meta, with 2 billion Instagram users and an advertising business that depends on global reach, doesn't have that luxury. The company's business model requires being everywhere, which means complying everywhere.

The technical reality is worth understanding clearly. The difference between Instagram's E2EE and Signal's was never the mathematics: by design, an Instagram server could not read a DM in an E2EE conversation any more than Signal's can, and Meta's own Messenger E2EE is built on the Signal Protocol. The difference is in everything around the protocol. Signal encrypts every conversation, publishes its client and server source, and stores almost nothing server-side, so the company has nothing to hand over even under legal compulsion. On Instagram, E2EE was opt-in, and Meta controlled the default, the closed-source client, and how keys were stored and backed up. The cryptographic guarantee held only for the client build you were running and the conversations you had opted into; the default and the next build were policy decisions Meta could change at any time, and did. This distinction matters enormously.

Cryptographers and security researchers have long pointed out that E2EE in a closed-source, platform-controlled client offers weaker guarantees than in an open-source, independently auditable one. You are trusting the vendor not to ship an update that silently changes key handling, and without reproducible builds nobody outside the company can check that the shipped binary matches any audited source. Meta just demonstrated why that trust model is fragile: not by breaking the protocol, but by changing the policy around it.
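The distinction between a policy toggle and a cryptographic property is easier to see in code. What follows is an added illustration, not code from Meta, Signal or the editorial: a standard-library-only Python model with two message stores. In the first, the operator mints the conversation key and "E2EE" is a server flag; in the second, clients run a Diffie-Hellman agreement through a relay that only ever sees public keys and ciphertext, and the only way the operator gets plaintext is a client build that escrows its private key. Everything in it is an assumption for the demo: the finite-field group (p = 2^255 - 19 with g = 2, which is not Curve25519 and not safe for production), the HMAC-based stand-in for an AEAD cipher, the constructed message contents, and the honest/backdoored client builds.

```python
import hashlib, hmac, secrets

# Toy finite-field DH group (demo assumption): p = 2**255 - 19 is prime, g = 2.
# NOT Curve25519 and not a production group; real clients use X25519.
P = 2 ** 255 - 19
G = 2

def keystream(key, nonce, length):
    """HMAC-SHA256 in counter mode, a stand-in for a real AEAD cipher."""
    out, block = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + block.to_bytes(4, "big"), hashlib.sha256).digest()
        block += 1
    return out[:length]

def seal(key, plaintext):
    """Encrypt-then-MAC: nonce || ciphertext || HMAC-SHA256 tag."""
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Verify the tag before decrypting, so a wrong key fails closed."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()):
        raise ValueError("authentication failed: wrong key or tampered message")
    return bytes(a ^ b for a, b in zip(ct, keystream(key, nonce, len(ct))))

def shared_key(private, peer_public):
    """DH agreement followed by HKDF-style extract-then-expand."""
    secret = pow(peer_public, private, P).to_bytes(32, "big")
    prk = hmac.new(b"demo-salt", secret, hashlib.sha256).digest()
    return hmac.new(prk, b"dm-key\x01", hashlib.sha256).digest()

class PlatformHeldKeys:
    """Model A: the operator mints and keeps the key; the 'E2EE' flag only picks what is stored."""
    def __init__(self, e2ee_enabled=True):
        self.e2ee_enabled = e2ee_enabled
        self.conversation_key = secrets.token_bytes(32)  # lives on the server
        self.store = []  # (was_encrypted, blob)

    def client_send(self, text):
        blob = seal(self.conversation_key, text) if self.e2ee_enabled else text
        self.store.append((self.e2ee_enabled, blob))

    def operator_read(self):
        # Flag on or off, the operator holds the key and can always read.
        return [unseal(self.conversation_key, b) if enc else b for enc, b in self.store]

class RelayServer:
    """Model B: the server sees public keys and ciphertext; private keys arrive only if a client uploads one."""
    def __init__(self):
        self.public_keys, self.escrow, self.store = {}, {}, []  # store: (sender, recipient, blob)

    def operator_read(self):
        out = []
        for sender, recipient, blob in self.store:
            if sender in self.escrow:
                priv, peer = self.escrow[sender], recipient
            elif recipient in self.escrow:
                priv, peer = self.escrow[recipient], sender
            else:
                out.append(None)  # nothing to hand over, whatever the policy says
                continue
            out.append(unseal(shared_key(priv, self.public_keys[peer]), blob))
        return out

class Client:
    """A client build; honest=False models the 'special update' that escrows its key."""
    def __init__(self, name, server, honest=True):
        self.name, self.server = name, server
        self.private = secrets.randbelow(P - 2) + 2
        server.public_keys[name] = pow(G, self.private, P)
        if not honest:
            server.escrow[name] = self.private  # the backdoor: one update away

    def send(self, recipient, text):
        key = shared_key(self.private, self.server.public_keys[recipient])
        self.server.store.append((self.name, recipient, seal(key, text)))

    def receive(self):
        return [unseal(shared_key(self.private, self.server.public_keys[s]), b)
                for s, r, b in self.server.store if r == self.name]

def demo():
    """Run both models on constructed sample DMs; return what each party can read."""
    a = PlatformHeldKeys(e2ee_enabled=True)
    a.client_send(b"constructed sample DM #1")
    a.e2ee_enabled = False  # the policy toggle
    a.client_send(b"constructed sample DM #2")
    relay = RelayServer()
    alice, bob = Client("alice", relay), Client("bob", relay)
    alice.send("bob", b"constructed sample DM #3")
    bob_reads, operator_reads = bob.receive(), relay.operator_read()
    mallory = Client("mallory", relay, honest=False)  # a backdoored build ships
    mallory.send("bob", b"constructed sample DM #4")
    return {"model_a_operator_reads": a.operator_read(), "model_b_recipient_reads": bob_reads,
            "model_b_operator_reads": operator_reads,
            "model_b_after_backdoored_client": relay.operator_read()}
```

Running demo() shows the operator reading both model A messages whether the flag is on or off, reading nothing from model B, and then reading the fourth message only after a client build that escrows its key is installed. The server flag is irrelevant to model B; the client update is the entire attack surface. That is the audit question for any channel you treat as encrypted: who can produce a key, and who can change what the client does.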

The Child Safety Framing

Governments have consistently framed encryption rollbacks as child safety measures, and Meta's stated reasoning follows this pattern. The argument is straightforward: encrypted DMs make it impossible for platforms to detect child sexual abuse material (CSAM) or grooming behavior using server-side scanning.

This framing puts privacy advocates in an uncomfortable position, and that is by design. The technical community's counterargument is equally straightforward: access and scanning mechanisms built for a narrow purpose have a consistent history of being expanded beyond it, and once encryption is removed, the infrastructure for mass surveillance of private messages exists whether or not any government currently demands it.

The EU's proposed "chat control" regulation, which would mandate client-side scanning of encrypted messages, shows where this trajectory leads. Meta removing E2EE from Instagram is the path of least resistance — it's easier to just turn off encryption than to build the complex, controversial client-side scanning systems that would preserve some form of E2EE while still satisfying regulators.

What This Means for Your Stack

If you're building products that involve user-to-user messaging, this is a case study in architectural decisions. The lesson is blunt: if encryption can be toggled off by the platform operator, it's a feature, not a security property. For any application where message privacy is a genuine requirement — healthcare, legal, financial, whistleblowing, journalism — you need encryption where key management is not controlled by a single entity that answers to regulators.

Practically, this means:

For product teams using Instagram DMs as a customer communication channel: Treat Instagram DMs as equivalent to email in terms of privacy — that is, assume everything is readable by Meta and potentially by law enforcement with appropriate legal process. If you're in a regulated industry, this may require updating your data processing documentation.

For developers building messaging features: Study the Signal Protocol (open source, well-documented, battle-tested) as the baseline for what real E2EE looks like. If you're building on top of platform messaging APIs (Instagram, WhatsApp Business, etc.), your privacy guarantees are bounded by the platform's current policy, not by cryptography.

For security and compliance teams: Audit which communication channels your organization treats as "encrypted" and verify whether that encryption is architecturally enforced or policy-enforced. Meta's reversal is a reminder that the distinction matters.

WhatsApp, Meta's other major messaging platform, retains E2EE for now. But the precedent has been set within Meta's own product family. If regulatory pressure intensifies — and there is no indication it will ease — WhatsApp's encryption is defended by the same policy decisions that just failed for Instagram.

Looking Ahead

Meta's decision will likely accelerate two trends in opposite directions. Governments will be emboldened to push harder on remaining encrypted platforms, having demonstrated that major tech companies will comply when pressed. Simultaneously, privacy-conscious users and developers will migrate further toward platforms where encryption is a protocol-level guarantee, not a product feature. Signal, Matrix/Element, and self-hosted solutions will see increased interest — not because they're suddenly better, but because the "good enough" middle ground of platform-provided E2EE just got visibly hollowed out. The encryption debate was never really about math. It was always about who holds the keys — and Meta just reminded everyone that the answer was always "Meta."

Hacker News · 293 pts · 191 comments

Meta Shuts Down End-to-End Encryption for Instagram Messaging

lrvick · Hacker News

Centralized proprietary software on proprietary platforms can always be opted into a special update that makes all the private keys deterministic, making end to end encryption useless for anyone with knowledge of that targeted backdoor. Only FOSS can deliver verifiable E2EE, and all centralized and

mandeepj · Hacker News

> 'Very few people were opting in to end-to-end encrypted messaging in DMs,' Meta says.

Then why didn't you make the opt-in default like Signal and WhatsApp? :-)

milderworkacc · Hacker News

I'm not sure if this meets the bar for substantive and thoughtful discussion, but this kind of corporate cowardice, enforced by unelected bureaucrats standing at the bully pulpit, is only going to get worse as the noose tightens on the open web. The combination of hardware attestation and walled

aucisson_masque · Hacker News

> Our messaging system has long been designed to balance user privacy with the ability to respond to scams, harassment, and other safety concerns when users report them or when required by law

TikTok about why they won't put e2e for private messages.

I guess it's reasonable to give up privacy to sa

tylerchilds · Hacker News

Put simply: I've talked to Apple engineers. Siri fell behind due to how good Apple's privacy is. Everyone made fun of them for protecting them. This is exactly the opposite of that, where Mark is throwing you and your children under the bus again because he's unoriginal and doesn't know how to make mone
