Telegram founder Pavel Durov's arrest brought speech rights back to the forefront of public discussion, despite the fact that we should actually speak about data privacy instead. Knowledge, data and information are always among the most valuable things people search for, in this over-connected world we live in, the platform each person or company uses will be crucial for ensuring our own personal and professional privacy.
But sometimes, those decisions are side by our own, resulting from ignorance or convenience issues. Often praised as a stronghold of privacy, Telegram is one of those messaging apps that has attracted great confidence, especially among companies, activists and political groups. But the conviction that Telegram is intrinsically more secure than its rivals is not only ill-founded but also dangerously utopian.
Telegram's reputation as a secure messaging tool mainly comes from its encryption claims and its alternative to popular platforms like WhatsApp and Facebook Messenger. On closer inspection, though, Telegram's security architecture is clearly plagued with serious vulnerabilities.
Telegram's encryption is not as reliable as many users think. It is only in its "secret chats," which users must personally activate, meaning Telegram has access to all chats that aren't "secret" since regular chats on Telegram are encrypted just between the user and Telegram's servers. This is in sharp contrast to other platforms that guarantee end-to-end encryption, like WhatsApp or Signal, for all communications, making them unreachable to anyone but the intended recipient.
But Telegram's closed-source character is the most worrisome element. Any company that upholds data security and confidentiality should be wary of this lack of openness, particularly considering this app is connected to Russia, known for its anti-Western stance and several information operations against the U.S., and Europe.
Telegram's dubious ties to Russia add to the security concerns. Founded by Russian Pavel Durov, who left the country after running short of the Kremlin, Telegram has long been considered a thorn in the side of the Russian government. Recent events, however, point to the possibility that this narrative might be a component of a more convoluted and alarming tale.
Edward Snowden has publicly defended Durov and Telegram. Although Snowden's support would seem like a badge of honor, it is important to keep in mind that he is currently a resident of Russia, so most likely he is a Kremlin agent rather than a free Russian citizen.
Plus, the recent support for Durov from Maria Butina, a Russian politician in the Kremlin, following his detention in France only adds to the mounting body of evidence implying that Telegram may not be as independent of Russian influence as it claims. Dismissing the idea that Telegram might be an independent tool becomes more challenging when important Russian officials band together behind the app's creator.
The fact that opposition leaders in Russia, most famously during demonstrations against Vladimir Putin's government, support Telegram's credibility is among the most tenacious arguments in favor of it. But this story is another illusion designed to boost the profile of the platform in the West and forward Moscow's strategic goals.
By letting Telegram be a key asset in these demonstrations, the Kremlin would keep some distant control over this messaging app, where its users would feel false security. By allowing opposition movements to use the platform, the Russian government could have watched and regulated them behind the scenes. This would not only neutralize possible dangers but also establish Telegram as a defender of free speech, making it appealing to a worldwide readership. This is a classic example of a successful information operation where Russia and Putin don't have a lesson to take.
For organizations running under the belief that Telegram is a safe substitute, the possible repercussions are severe. Indeed, sensitive data uploaded on the platform could readily find its way into the wrong hands. Telegram runs in the shadows, unlike other platforms that routinely publish transparency reports and turn to independent audits. Its servers, located in undisclosed locations, might very well be under Russian jurisdiction, potentially providing the Kremlin access to enormous volumes of user data.
Given these risks, organizations have to reassess their choice of communication methods. Blind faith in Telegram, or any platform free from thorough examination, may have disastrous results. The conviction that Telegram is a safe choice goes beyond mere error; it's a dangerous illusion that might undermine the very basis of confidentiality and privacy. In a world where data is a main target, vigilance is not only recommended but also crucial.