Meta recently announced that Instagram will roll back end-to-end encryption for app messages starting next month (8 May 2026).
As users consider shifting their conversations to other, more secure platforms, cybersecurity experts warn that staying in Meta’s ecosystem and using Messenger could be a step towards even less privacy.
A recent study by Surfshark revealed that Messenger is the most data-hungry messaging app, collecting 32 out of 35 possible data types from the App Store, primarily for advertising, behavioral analysis, and product personalisation.
Nikodemas Zaliauskas, cybersecurity expert at Surfshark, says that without end-to-end encryption, Meta could potentially scan Instagram messages’ content or feed data into AI training systems.
“Whether you are a politically prominent figure or a privacy-conscious citizen, using a service that lacks end-to-end encryption means that the company potentially can access your messages. This lack of protection raises serious questions about the company’s commitment to protecting user data and ensuring digital privacy. If end-to-end encryption is being disabled on Instagram, and the company can just backtrack its privacy statements, who’s to say that the same won’t happen to Meta’s Messenger?”
The study reveals that 90% of the analysed messaging apps already have AI features, from conversation summaries to real-time translation. While these features are convenient to some, they also raise concerns about granting access to information that should be private and visible only to the sender and receiver.
“It’s crucial to understand that users aren’t just sharing information with a friend, but they’re actually providing data to the company that owns the app. Popular platforms often collect a wide range of user data for various purposes, including advertising, product personalisation, user behavior analysis, and even tracking.
“As a result, when you choose a platform that gathers extensive data or integrates AI into your conversations, that’s where privacy basically ends,” says Zaliauskas.
Messaging apps privacy ranking
Signal tops the rankings with the best privacy score, pairing end-to-end encryption with quantum-secure cryptography while collecting virtually no user-linked data. Apple’s iMessage offers similar cryptographic protections but collects 10 types of data.
Meta itself is pointing privacy-conscious users toward its other messaging platform, WhatsApp, where end-to-end encryption remains the default and, at least for now, isn’t slated for removal.
At the bottom, with the lowest score, Surfshark experts rank LINE, Discord, Rakuten Viber Messenger, and Meta Platforms Messenger. According to information in the App Store, LINE, Discord, and Rakuten Viber Messenger are the only apps that may collect data for user tracking.
Meanwhile, Messenger by Meta Platforms is notable for stating that it may collect a wide range of data types (32 out of 35 listed in the App Store) and use most of them (30) for purposes beyond app functionality.
Study methodology
To assess the privacy of popular messaging apps, five criteria were used: encryption type (quantum-secure or not), number of data types collected, whether data is collected for user tracking, data types used beyond app functions, and AI feature integration. These factors equally determine each app’s privacy score, which is then categorized into five levels from high to low to reflect their commitment to user privacy and security.