Telegram, a popular communication app, has finally agreed to turn over phone numbers and IP addresses of individuals using the app for illegal purposes.
Telegram is a free, cloud-based messaging app headquartered in Dubai, United Arab Emirates. The company has servers worldwide and originally had headquarters in Russia, but chose to relocate because of local IT regulations.
The app has garnered respect from many users for its near-constant siding with user privacy and free speech. Until now, Telegram had agreed only to disclose a user’s phone numbers and IP addresses if it received a court order confirming the user was suspected of terrorism.
But now, Telegram has agreed to update its privacy policy and will provide user phone numbers and IP addresses to authorities if the user is suspected of violating Telegram’s terms and conditions.
While Telegram is often viewed highly for its privacy and sleek design, the app has come under fire for being complacent in illegal practices. Because of its encryption features and history of siding with users, the app has become a harbor for bad actors.
It’s believed many use the platform to pirate films, access pornography, sell illegal goods, and more. The app has also been connected to numerous cybercrime activities, like malware distribution, hacktivism, and selling stolen credentials.
The change in policy comes after the announcement that the CEO, Pavel Durov, is being formally investigated in France for various offenses, including complicity in facilitating child pornography and drug sales.
According to Durov, Telegram recently skyrocketed in popularity, which resulted in difficulty in preventing illegal activity. “Telegram’s abrupt increase in user count to 950M caused growing pains that made it easier for criminals to abuse our platform,” said Durov. He hopes the new policy makes the app “safer and stronger.”
As part of the policy, users suspected of violating Telegram’s rules will undergo a “legal analysis” at the request of authorities. Durov says the policy will be implemented evenly around the world.
One expert, Alexander Leslie, an associate threat intelligence analyst at Recorded Future, said Telegram is one of the most used platforms for illicit activities. “The primary reason that criminals will use Telegram is to either amplify their business or for marketing purposes. You're going to see a lot of those public-facing channels, from fraud groups, from hacktivists, from malware operators (not necessarily from ransomware groups, because they don't consider it to be the most secure). But it's generally the public facing aspects of Telegram that allow cybercriminals to conduct a lot of business," said Leslie in an email.
Bogdan Botezatu, director of threat research and reporting at Bitdefender, said the organization, before the policy, had “all the mechanisms of driving cybercrime supply and demand together.”
As Telegram updates its policy, the question still remains of how quickly or easily it will be enforced. Unfortunately for some, the new policy may decrease Telegram’s current privacy features, but with rising cybercrime impacting hospitals, educational institutes, and critical infrastructure, it may be a step in the right direction.
Related: HIPAA Compliant Email: The Definitive Guide