diff --git a/changelogs/client_server/newsfragments/2371.clarification b/changelogs/client_server/newsfragments/2371.clarification new file mode 100644 index 00000000..47f74b60 --- /dev/null +++ b/changelogs/client_server/newsfragments/2371.clarification @@ -0,0 +1 @@ +Clarify that room messages can be encrypted. diff --git a/content/client-server-api/modules/instant_messaging.md b/content/client-server-api/modules/instant_messaging.md index a64baa25..b6066ecf 100644 --- a/content/client-server-api/modules/instant_messaging.md +++ b/content/client-server-api/modules/instant_messaging.md @@ -454,8 +454,7 @@ status code of 400. #### Security considerations -Messages sent using this module are not encrypted, although end to end -encryption is in development (see [E2E module](#end-to-end-encryption)). +Messages sent using this module MAY be encrypted, see [End-to-End Encryption](#end-to-end-encryption). Clients should sanitise **all displayed keys** for unsafe HTML to prevent Cross-Site Scripting (XSS) attacks. This includes room names and
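Review bot: In the `instant_messaging.md` hunk, the replacement sentence under "Security considerations" says only that messages "MAY be encrypted" and no longer states the unencrypted case, which the removed lines spelled out. Because this is the security section, a reader should not have to infer that a message sent without end-to-end encryption is not encrypted. Suggest stating that explicitly and then pointing to the linked End-to-End Encryption section. Two style points on the same line: the comma before "see" joins two independent clauses, so split it into two sentences or put the link in parentheses, and wrap the new line to match the surrounding paragraph, which the removed lines did.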