Telegram isn't end-to-end encrypted by default — and after Durov's arrest, it started handing over user data
Telegram's regular chats have never been end-to-end encrypted; only opt-in “Secret Chats” are. Weeks after CEO Pavel Durov's August 2024 arrest in France, Telegram updated its policy to disclose users' IP addresses and phone numbers to authorities on valid legal requests.
01What actually happened
Telegram's default cloud chats and group chats are not end-to-end encrypted — only one-to-one “Secret Chats” are, and they are not the default. On 24 August 2024, French authorities arrested Telegram co-founder Pavel Durov at Le Bourget airport, and he was indicted on charges including complicity in distributing illegal content and failing to cooperate with law enforcement. On 23 September 2024, Telegram revised its privacy policy to say it would share users' phone numbers and IP addresses with authorities in response to valid legal requests; Telegram later reported disclosing data on thousands of users to U.S. authorities in 2024.
02Why it matters
If encryption isn't on by default — or the company holds the data and the keys — then “encrypted app” is a marketing label, not a guarantee, and the provider can be legally compelled to turn over what it can see. Cipher is zero-access and ties accounts to no phone number, so there is no default-plaintext store and no phone or IP identity for the company to hand over.
Sources
- NPR · Aug 2024Telegram CEO Pavel Durov indicted in France
- The Record · Sep 2024Telegram says it will share phone numbers and IP addresses with authorities
- BleepingComputer · 2024Telegram hands over data on thousands of users to US law enforcement
We describe only what these sources report. If you think we've framed something inaccurately, tell us — accuracy is the whole point.
Cipher is built for exactly this gap: zero-access encryption, no phone number, on-device AI, and minimal metadata — so the failure in this story can't happen the same way.
See how the architecture works