Sharing of Telegram User Data Surges After CEO Arrest

Before September 2024, policy of encrypted communications provider Telegram stated it would only share user data with law enforcement in instances of terrorism. That was until the company's Russian-born CEO Pavel Durov was arrested in France in late August and released on a $5 million bond.

By late September, Telegram had changed its tune — agreeing to give law enforcement user information, including phone numbers and IP addresses in cases of fraud and other cybercrimes. Telegram also committed to producing transparency reports on the data it released as a result of law enforcement requests. And according to Telegram's latest transparency report, the platform's cooperation with the cops has indeed exploded since September.

According to Telegram, the company only responded to 14 requests from the US government in the first nine months of 2024, affecting a total of 108 users, 404 Media was first to report. By the end of the year, Telegram reported it had met a total of 900 requests from the US, affecting 2,253 users.

The next report is expected from Telegram in April.

Telegram's Data Sharing Policy Moves Cybercrime Needle?

At the time of Durov's arrest last year, experts predicted the additional pressure on Telegram would have little effect on its thriving cybercrime operations. In the short term, arrests and fragmenting of certain cybercrime operations will likely produce some benefit for cyber defenders, but ultimately they will find other places to do their illegal business, according to Callie Guenther, senior manager of cyber-threat research for Critical Start.

Related:Pentagon Adds Chinese Gaming Giant Tencent to Federal Ban

"This development is expected to prompt many cybercriminals to migrate to alternative platforms that prioritize privacy or employ decentralized infrastructures," she says. "Platforms such as Signal or Session, as well as services on the darknet, may become the next hubs for illicit activities, but this migration could also create a more fragmented ecosystem, complicating law enforcement efforts and requiring additional resources to monitor new avenues."

In the longer term, Telegram's policy shift represents a wider trend of increased government pressure on technology companies to cooperate with law enforcement activities, Guenther adds, pointing to Durov's arrest as a high-profile example.

"The trade-off between privacy and security remains contentious," Guenther says. "Over time, cybercriminals are likely to adapt to the new landscape, increasing the operational complexity for both investigators and cybersecurity professionals. Balancing these considerations will be essential to addressing the evolving dynamics of online threats without undermining broader privacy protections."

Related:Treasury Dept. Sanctions Chinese Tech Vendor for Complicity