If you use Instagram to send direct messages (DMs) to friends and family, the firm has just removed one of the features that made it totally private to do so. As of May 8, Instagram no longer offers end-to-end encryption (E2EE) for DMs, reversing a decision parent company Meta made in 2019 to add the technology to the app.

Introduced to DMs in the past few years, E2EE ensured that DMs sent over Instagram were completely secure, only readable by the sender and the recipient. E2EE is used by default in Meta's other messaging app WhatsApp, and in Facebook Messenger for personal messages.

However, E2EE encryption was not on by default on Instagram DMs, instead existing as a hidden, opt-in option. Telegram offers E2EE in this way also.

"If you have chats that are affected by this change, you will see instructions on how you can download any media or messages that you may want to keep," Instragram said on a support page on its website.

A Meta spokesperson told PCMag that the decision to remove the option for private DMs was made because "very few people were opting in to end-to-end encrypted messaging in DMs. Anyone who wants to keep messaging with end-to-end encryption can easily do that on WhatsApp."

The move has been met with criticism from privacy experts.

"The excuse of 'low opt-in rates' is a classic Big Tech distraction," said Matthew Hodgson, Co-Founder and CEO at Element, a secure communications platform.

"If the future were actually private, privacy would be the default, not a hidden setting Meta can delete when it suits its bottom line. Today's U-turn proves that if you don't own your keys, you don't own your data. Real privacy shouldn't be subject to a corporate change of heart."

Mark Zuckerberg announced plans for Meta (then still called Facebook) to bring E2EE to its products in 2019, saying "the future is private".

Duly the tech was introduced to Facebook Messenger and Instagram, but now that Instagram has no E2EE, it means that technically Meta can intercept and read all of your communications with all of your contacts in your DMs.

"Seven years of Meta promising that "the future is private" gone in a single quiet update. Pulling the plug on Instagram encryption is a white flag to surveillance, and a gift to their own AI training sets.

"By switching off end-to-end encryption, Meta is claiming the keys to your private life," said Hodgson.

"It has decided that the data harvested from your voice notes and DMs is more valuable than your fundamental right to a private conversation.

Other popular products such as Google's Gmail are not end-to-end encrypted, which allows for targeted advertising and the growing use of personalised artificial intelligence. Without access to the contents of your emails, Google claims it cannot provide tailored AI services.

As well as Meta's WhatsApp, Apple's iMessage messaging service is end-to-end encrypted, as are communications via the private messenger Signal.