Telegram CEO was 'too free' on content moderation, says Russian minister Telegram CEO Pavel Durov, who was cuffed and charged by the French police last week, was "too free" in his approach to managing the global messaging platform, according to Russia's foreign minister. Photo by MediaGroupBestForYou / Shutterstock Big Tech has failed to police Russian disinformation, EC study concludes READ MORE …
To be pedantic, it's not *end to end* encrypted *by default*. But it is "encrypted". Problem is being "encrypted" might not be enough.
The traffic between the server and client is always encrypted. But the *server* can read your messages. (This is done as a convenience in case you need to access said messages from another device.)
If you don't trust the server (or whoever might break into it it future), you do have the option of using end-to-end encryption. It's just not on by default like it is on Signal.
The problem isn't encryption, since as noted Telegram is not encrypted except in specific circumstances.
The problem is that Telegram 1) stores messages on its servers, 2) the vast majority of those messages are not encrypted in a way Telegram can't decrypt them, 3) they have set things up in a way as to make it nearly impossible for court ordered subpoenas to work.
Indeed, Telegram brags that they've NEVER had to abide by a court ordered subpoena. They store pieces of messages and decryption keys in various non cooperating jurisdictions, so even if you can serve a subpoena on them in 2 or 3 jurisdictions, you'll need 1 or 2 more to be able to get at the message which you can't get because one jurisdiction won't cooperate when (for example) the US or UK is requesting something, another won't cooperate when India is requesting something, a third won't cooperate when Iran is requesting something.
It is failure to respond to lawful subpoenas that seems the big problem with Telegram. They HAVE the data, they have ACCESS to the data, but they set things up so that they'd never have to produce it because you can't get the full list of court orders. I mean they do produce the data a court orders them to but the data is useless without getting all the pieces so you can assemble the complete and decrypted message. Someone like Signal who NEVER had the data aren't the target of subpoenas, so they won't run afoul of this particular scenario.
Now maybe someday they decide to come after the encrypted messengers, but going up against the likes of Meta and Apple is a lot bigger hill to climb than going after Telegram.
going up against the likes of Meta and Apple is a lot bigger hill to climb than going after Telegram
no it's not, it's a lot easier since they're 100% in US jurisdiction. But they don't need to go after them since they're already backdoored by the NSA/CIA/FBI/Pegasus. Did you forget what Edward Snowden had revealed ? Or the recent admission by Zuckerberg ?
Not a chance. Because they're E2EE no one knows what's being exchanged or said on those platforms. Therefore LEA cannot make any requests for content (they can however ask for IP addresses) and when they do WhatsApp / Meta will tell them they cannot oblige because of the encryption.
The most powerful feature of WhatsApp is Disappearing Messages, which makes it almost impossible for LEA to build a case against someone.
Not that impossible, the database is unencrypted and doesn't immediately delete rows.
This post has been deleted by its author
(which it isn't, by default, and it doesn't make it easy to turn on, either) then there might be more of a story here. They do have a responsibility (both legally and morally) to prevent their platform from becoming an enabler of bad behavior, to the extent they have visibility into that behavior.
Again, telegram is mostly an unencrypted platform, but if it was using end to end encryption then things get tricky. It's difficult to reconcile end to end encryption with content moderation. One option would be client side moderation, which aside from being unreliable and easily circumvented also posses some difficult privacy issues, as Apple discovered when there was a backlash against their proposal to scan stuff before (encrypted) upload to iCloud. No scanning model (especially not one that can run in near real time on a phone) is going to be foolproof.
I kind of wonder if maybe this kind of thing could be an application of homomorphic encryption. That is, being able to process the data (like determining if it is in fact violating policies, without being able to actually decrypt it. I have a feeling that no, that's probably not possible, because the applications for homomorphic encryption are quite limited. But maybe worth some thought.
Lavrov and Peskov are rather inept beauticians trying to mask Russia's droopy obsolecence by smear-pasting lipstick on that "mother"land's wrinkled prune. A strong Putin would have long dissolved them in vats of acidic vodka, but there's no such thing ... as a strong Putin. China's the new Russia these days IMHO, naively feeling strong, but headed for that same coy dustbin of recycled history, eventually.
Durov tried to escape this insufferable totalitarian nonsense through Dubai (not Beijing!), but as a vain narcissistic spoiled toddler firehose of sperm (100+ sprogs in 12 motherlands), he woefully ignored that "With freedom comes responsibility" ... and the rest is living history where, as luck would have it (for him), the Moulin Rouge replaces the Bastille!
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
