Table of Contents
SWe have entered a world where CEOs of major social media platforms are arrested and detained. It is a major shift, and it did not happen in the way anyone expected. From Jennifer Rankin in Brussels:
French judicial authorities on Sunday extended the detention of the Russian-born founder of Telegram. Pavel Durovafter his arrest at a Paris airport for alleged crimes related to the messaging app.
When this detention phase is over, the judge can decide to release him or press charges and keep him in pretrial detention.
French investigators had issued an arrest warrant for Durov as part of an investigation into allegations of fraud, drug trafficking, organised crime, promoting terrorism and cyberstalking.
Durov, who holds French, Emirati, St. Kitts and Nevis and Russian citizenship, his country of birth, was arrested as he disembarked from his private jet after returning from Azerbaijan’s capital Baku. On Sunday evening, Telegram issued a statement:
⚖️ Telegram complies with EU laws, including the Digital Services Act: its moderation is within industry standards and is constantly improving.
✈️ Telegram CEO Pavel Durov has nothing to hide and frequently travels around Europe.
😵💫 It is absurd to claim that a platform or its owner is responsible for the abuse of that platform.
On Monday, French authorities said Durov’s arrest was part of a cybercrime investigation:
Paris prosecutor Laure Beccuau said the investigation involved crimes related to illicit transactions, child sexual abuse, fraud and refusal to disclose information to authorities.
At first glance, the arrest seems like a radical break from the norm. Governments have exchanged strong words with messaging platform providers in the past, but arrests have rarely been made. When platform operators are arrested, as in the cases of Ross Ulbricht for Silk Road and Kim Dotcom for Megaupload, it is usually because authorities can argue that the platform would not even exist if it were not for the crime.
Telegram has long operated as a low-moderation service, partly because of its roots as a chat app rather than a social network, partly because of Durov’s own experience dealing with Russian censors and partly, as many have argued, because it’s simply cheaper to have fewer moderators and less hands-on control of your platform.
But even if a soft moderation team can expose a company to fines under laws like the UK’s Online Safety Act and the EU’s Digital Services Act, it’s rare for this to lead to personal charges — and rarer still for those charges to result in an executive being sent to pretrial detention.
Encryption
But there’s one quirk about Telegram that puts it in a slightly different position than peers WhatsApp and Signal: the service isn’t end-to-end encrypted.
WhatsApp, Signal, and Apple’s iMessage are all designed from the ground up to prevent anyone other than the intended recipient from reading content shared on the services. This includes the companies that run the platforms, as well as any law enforcement agencies that might ask for their help.
This has led to a great deal of friction between some of the world’s biggest tech companies and the governments that regulate them, but for the moment, the tech companies appear to have won the main battle. No one is seriously calling for end-to-end encryption to be banned, with regulators and critics instead calling for approaches such as “client-side scanning” to try to police messaging services in other ways.
Telegram is different. The service offers end-to-end encryption, via a little-used feature called “secret chats,” but by default, conversations are encrypted only to the extent that they can’t be read by any random person connected to your Wi-Fi network. For Telegram, any message sent outside of a “secret chat” (which includes all group chats and all messages and comments in one of the service’s broadcast “channels”) is effectively unencrypted.
That product decision sets Telegram apart from its peers, but, interestingly, the company’s marketing implies that the distinction is almost exactly the opposite. Cryptography expert Matthew Green:
Telegram CEO Pavel Durov has continued to aggressively promote Telegram as a “secure messenger.” Most recently, issued a scathing critique of Signal and WhatsApp on his personal Telegram channel, implying that the US government had hacked those systems and that only Telegram’s independent encryption protocols were truly trustworthy.
It’s no longer fun to watch the Telegram organization urge people to stop using encrypted messengers by default, while refusing to implement essential features that would widely encrypt its own users’ messages. In fact, it’s starting to look a little malicious.
I can’t or I don’t want to
The result of this mismatch between Telegram’s technology and its marketing is unfortunate. The company (and Durov himself) is marketing its app to people who are concerned that WhatsApp and even Signal, the gold standard of secure messaging apps, aren’t secure enough for their needs — and in particular, aren’t secure enough from the U.S. government.
At the same time, if a government comes knocking on Telegram’s door asking for information about a bad guy, real or suspected, Telegram doesn’t have the same security as its peers. An end-to-end encrypted service can truthfully tell law enforcement that it can’t help them. In the long run, that tends to create a pretty hostile atmosphere, but it also turns the conversation into a general conversation about privacy principles versus police surveillance.
Telegram, by contrast, has to choose between helping law enforcement, ignoring it, or openly saying it won’t cooperate. Those options are no different than those faced by the vast majority of online companies, from Amazon to Zoopla, but Telegram’s user base is made up of people who want safety from law enforcement.
Every time Telegram says “yes” to the police, it infuriates that user base. Every time it says “no,” it plays a game of “vulture” with law enforcement.
The contours of the disagreement between France and Telegram will inevitably boil down to a conversation about “content moderation,” and supporters will group together accordingly (Elon Musk has already gotten involved, tweeting “#FreePavel”). But that conversation is usually about publicly posted material — about what X or Facebook should or shouldn’t do to manage speech on their sites. Private and group messaging services are a fundamentally different offering, which is why mainstream services with end-to-end encryption exist. But in trying to straddle both markets, Telegram may have lost its defenses for both.
Last call for questions
My final day at the Guardian is fast approaching and next week’s email is directed at you, the readers. If there is a question you’ve been meaning to answer, something that’s been on your mind for years or if you’re just interested in the inner workings of Techscape, please reply to this email or contact me directly at alex.hern@theguardian.com. Ask me anything.
He Broader Techscape
Apparently unrelated to Durov’s arrest, a group of Far-right Telegram channels have been coordinating Attacks on the US power grid.
The trailer for Megalopolis was taken down after it turned out that almost all of the quotes it contained were fake; it seems that someone simply… asked a chatbot for some negative reviews of Francis Ford Coppola’s films and He hallucinated happily..
Here’s one for all those who think Image editing with AI is Same as Photoshop.
I’m always fascinated Deep online deception. It looks like a network of supposed accessibility activists It may not have existed at all.