10 Instagram Privacy Settings You Need to Change — Indian Edition

India has 455+ million Instagram users — and most of them have never touched their privacy settings. With India’s 2026 data sharing laws making it easier for authorities to access your information on valid legal orders, managing what you share proactively has never been more important.

Here are 10 settings every Indian Instagram user should review right now.

1. Switch to a Private Account (If You’re Not a Creator)

If you’re using Instagram purely for personal use — chatting with friends, following meme pages — there’s no reason to keep your account public. A private account means only approved followers see your posts, Stories, and Reels.

How: Settings → Privacy → Account Privacy → Toggle “Private Account” on.

Why it matters in India: Public posts can be accessed, screenshotted, and used without your knowledge. Under the IT Rules, content that’s publicly visible is easier for authorities to reference in legal proceedings.

2. Review Your Activity Status

By default, Instagram shows your contacts when you were last active (“Active 2 minutes ago”). This is a privacy leak most people don’t think about.

How: Settings → Privacy → Activity Status → Toggle off.

3. Control Who Can See Your Stories

Stories disappear in 24 hours, but they can be screenshotted and shared. You can hide your Stories from specific people or create a “Close Friends” list for sensitive content.

How: Settings → Privacy → Story → Choose “Hide Story From” and add accounts. Use “Close Friends” for personal content.

4. Disable Location Sharing

Instagram can attach location data to your posts and Stories. In a country where law enforcement can request your location data, minimising this trail is smart privacy practice.

How: On your phone, go to Settings → Apps → Instagram → Permissions → Location → Set to “Never” or “Only While Using.” Also, don’t add location tags to posts unless necessary.

5. Limit Data Sharing With Third-Party Apps

Every time you “Log in with Instagram” on another app or website, you’re sharing data. Review and remove apps you no longer use.

How: Settings → Security → Apps and Websites → Remove apps you don’t recognise or no longer use.

6. Turn On Two-Factor Authentication

Account hacking is rampant in India. Two-factor authentication (2FA) adds a second layer of security beyond your password.

How: Settings → Security → Two-Factor Authentication → Choose “Authentication App” (more secure than SMS, which can be SIM-swapped).

Indian context: SIM swap fraud is particularly common in India. Using an authentication app like Google Authenticator is significantly safer than SMS-based 2FA.

7. Review Tagged Photos & Mentions

Anyone can tag you in photos or mention you in posts — including in spam or inappropriate content. You can require approval before tagged content appears on your profile.

How: Settings → Privacy → Tags → Toggle on “Manually Approve Tags.” Also check: Settings → Privacy → Mentions → Set to “People You Follow” or “No One.”

8. Download Your Data Periodically

Under the DPDP Act 2023, you have the right to access your data. Instagram lets you download a copy of everything they have on you — posts, messages, login history, ads you’ve interacted with, and more.

How: Settings → Your Activity → Download Your Information → Request Download.

Why: This lets you see exactly what Instagram stores about you. It’s also useful evidence if you ever need to file a complaint.

9. Manage Your Ad Preferences

Instagram tracks your behaviour to serve targeted ads. While you can’t fully stop this, you can limit it:

How: Settings → Accounts Centre → Ad Preferences → Review and adjust your ad topics and activity tracking preferences.

10. Check Login Activity Regularly

Instagram shows you all devices and locations where your account is currently logged in. Check this regularly to spot unauthorised access.

How: Settings → Security → Login Activity → Review all sessions. Tap “Log Out” on any device you don’t recognise.

Indian context: If you see logins from cities you’ve never visited, change your password immediately and enable 2FA. Then check if any DMs were sent from your account — unauthorised access can be reported as a cybercrime.

Bonus: Understand What You Can’t Control

Even with perfect privacy settings, certain data remains accessible to Instagram and, through legal orders, to Indian authorities:

• Your IP address and device information (logged automatically)
• Your registration details (email, phone number)
• Metadata about your activity (when you log in, how long you use the app)
• Content you’ve posted, even if deleted (retained for 180 days under IT Rules)

For a full understanding of what data Instagram can share and when, read our complete guide to Instagram data sharing with the Indian government. And for the broader legal framework, check out our India’s Digital Laws For Dummies interactive e-book.

Privacy is a right, not a privilege. Indiagram helps every Indian Instagram user understand and protect their digital rights.