Telegram is asking German users when to share information with law enforcement
We, the Telegram team, ask you to give us your opinion on how the data of German Telegram users may (or may not) be shared with German authorities, including the German police (BKA).
Telegram never shares information about your chats or contacts with third parties, including government agencies.
Nevertheless, to prevent misuse of our platform by terrorist groups, our current privacy policy since 2018 allows us to disclose IP addresses and phone numbers of terrorist suspects upon government request backed by a court order.
We're conducting this poll to find out if our German users support our current privacy policy or if they want to reduce or increase the number of cases where Telegram can potentially share data with authorities. We are providing three options to choose from.
OPTION 1: No changes. Telegram may continue to share IP addresses and phone numbers of terror suspects only based on a court decision. This option is already included in Telegram's current privacy policy.
OPTION 2: Upon request by German police authorities, Telegram may disclose IP addresses and phone numbers of suspects of serious crimes, even if not supported by a court decision. This option, if approved, would be completely new for Telegram and therefore requires a change to our privacy policy for users from Germany.
OPTION 3: Under no circumstances may Telegram share user information, including IP addresses and phone numbers of terror suspects. If this option is supported, Telegram will change its data structure and privacy policy for users from Germany.
Only users registered with German phone numbers can participate in the survey below. We have informed all Telegram users in Germany about this survey. The poll will remain open until September 5, 12:00 pm German time (UTC+2).
(Together with an attached poll)
Original: https://imgur.com/a/oHdxchb
233 comments
[ 3.7 ms ] story [ 248 ms ] threadOption 1 is more strict in both ways. Only Terrorism (which is more serious than "just" crime) and even then only with a warrant. Option 2 is unacceptable (IMO). "serious crime" is too ambiguous and without a warrant prone to misuse.
At least that's what I'm reading into this. Picking option #2 was my personal "f..k y.." to them for this manipulation; not that it changes anything. (I really don't want to have a company share info without a warrant, but when a court warrant is issued they should comply).
It's worth noting that a lot of fringe extremists (but not necessarily terrorists) fled from WhatsApp to securer alternatives like Signal and Telegram, especially "COVID deniers" (which, to be clear, refers to a far-right political strategy). So blatantly ignoring warrants is probably good publicity for a vocal part of its userbase.
How about not storing any information at all? Nothing to give, problem solved. Just like Signal.
I seriously don’t understand why people use Telegram instead of Signal. Any reason! The app doesn’t solve any privacy problem, default chats are unencrypted, keeps personal info. App should be dead already or turned into a dating app because it’s clearly not seriously privacy fucused.
"Change our data structure" sounds like they might just host the servers outside the country and use a "Telegram Deutschland Inc" company that doesn't have access to any user data to run the service.
BTW reddit and Hackernews are E2EE, it's just that one E is public.
E2E means no intermediaries see the plaintext, only the original sender and ultimate recipient see the plaintext. HN is not the recipient of your message, it's an intermediary.
I think the better point to make is that we all collectively agree to refrain from using the term "end" (as in E2EE) in situations like the former, as it's misleading despite being accurate; please only use it for the latter.
Messenger like the telegram are something different than sites like HN.
I am aware that I send my messages to HN, they are not forwarded to you but you open the HN page to read my response. HN is more like a message board with message hierarchy. The communication is public, the transmission path is encrypted.
It's more like whispering in your friends ear and she/he writes in down and pins it to a public board. My communication was private, but he/she is a chatterbox and I'm well aware of that.
https://arstechnica.com/tech-policy/2021/08/zoom-to-pay-85m-...
>End-to-end encryption (E2EE) is a system of communication where *only the communicating users can read the messages*. In principle, it prevents potential eavesdroppers – including telecom providers, Internet providers, malicious actors, *and even the provider of the communication service* – from being able to access the cryptographic keys needed to decrypt the conversation.[1]
If the server can read the content, it isn't end-to-end encryption.
[1]: https://en.wikipedia.org/wiki/End-to-end_encryption
Even though I intend for you to read this message, I am sending it to the HN server to post publicly. My communication with HN is E2EE, my communication with you is not. This isn't meant to be useful information, and it certainly isn't advice. It's just an accurate nonstandard way of looking at things.
This doesn't change the fact that the transport as such is E2E.
Things like PGP help to maximize the endianness, since the human has a better sense that the crypto software is legitimate, and can read the code before executing it, although there's still plenty of points of compromise between that code and the human (compiler, Intel ME, etc.) so unless you're doing crypto with a pencil and paper, you're always putting your trust somewhere that isn't precisely the "end."
The people signing up for telegram in droves aren't looking for a replacement for signal or wickr or whatever "secure" messaging platform.
They're joining their friends' group chats and subscribing to their friends' channels. It's a replacement for twitter/facebook more than anything else.
https://github.com/signalapp/Signal-iOS/issues/5294
Signal is a great alternative to WhatsApp. Not so much for Telegram.
I unfortunately have convinced some of my relatives to use Signal without me looking into it beforehand.
Now because of Signal’s moronic design I dread the day when something happens and I decide I want to save all our chats for posterity / memories, but wouldn’t be able to. There is simply no “export” button. There is some way to do it on Android but on iOS we are SOL.
> Migration Assistant and Time Machine for macOS are not supported.
Also some kind of shared access policy.
Could even be a pro feature.
Which might be due to their E2E encryption?!?
Moxie was against all these things because it would make new features more difficult to implement. But personally I care much more for an open infrastructure. Most of their new features weren't even useful.
I'm currently using a matrix bridge and I didn't get banned (officially that's a third party client too) so that's a good sign.
Signal will send you a notification when updates are available, and self-update.
> The app doesn’t solve any privacy problem, default chats are unencrypted, keeps personal info.
I am using it for public chats.
--------------------
EDIT: this is inacurate, see replies
For example I get repeated "insert PIN password here to remember it".
I have a password manager. There is no way to get rid of it, even via deeply hidden settings. For example, what about disabling it for password with length over 40? Or something?
At least on iOS: Settings > Account > [ ] PIN Reminders. I would be very surprised if there isn't a similar way of disabling those reminders on Android.
Yeah, give S̶i̶g̶n̶a̶l̶ Twilio your phone number instead. Problem solved.
> I seriously don’t understand why people use Telegram instead of Signal. Any reason! The app doesn’t solve any privacy problem, default chats are unencrypted, keeps personal info. App should be dead already or turned into a dating app because it’s clearly not seriously privacy fucused.
They don't care and Signal offers less that what Telegram has despite Telegram being less secure. Signal is bad at selling itself.
Maybe Signal needs to offer a better user experience, backup chats across all devices and offer more useful features; not less than their competitors rather than pushing a private cryptocurrency scam project useful for criminals, scammers and money launderers.
If you want to make a protected application, don't tie it to any real world data. That is very easy.
Hilarious that you call it bullshit whilst spouting your own. https://signal.org/bigbrother/
Unless of course you have some documentation to back up what you're saying.
The last time I checked (a few years back) I only saw private groups and no way to hide phone numbers.
If that is still the case then there are less reason to have a warrant for you phone number as it is easier to access.
That wouldn't work for groups. Abusers could then destroy the groups with impunity for the purpose of censorship. Telegram is mostly about groups. Telegram is often used for activism.
Signal claims to not store data about who is talking to who. That doesn't mean that they don't. If they were, say, a secret subsidiary of the CIA they would act exactly as they are acting now. In general you can't trust the providers of these sorts of things. See Crypto AG...
[1] https://signal.org/bigbrother/cd-california-grand-jury/
You don't like that? Stop busting their balls and produce an alternative operating system and application update framework which is not vulnerable.
Signal doesn't claim cryptographic security against that metadata collection, but then there isn't currently any working system that can make such a claim, so why bust their balls over it?
telegram is the only chat app that offers Free Software clients, does not force me to share my phonenumber, is easy enough to use even for old people.
matrix is ok. but element is still buggy and the ux is complex and takes some learning.
another alternative is deltachat. it uses smtp as transport and works with an email account. the UX is also easy enough to use. easier than matrix/element.
For a lot of people, Telegram does a good job of being "less evil than Facebook Messenger", and private in ways that matter to them. I'm more worried about some nutcase from a video game meetup group getting hold of my phone number than I am law enforcement finding out I was in that video game group in the first place.
I have a Matrix server and an XMPP server for 'truly private' communication anyway.
https://yro.slashdot.org/story/22/08/31/2210240/court-orders...
the only thing annoying is that anyone can just talk to me, whereas eg. in wechat people have to make a contact request before they can talk to me directly. but i have the impression that wechat is the unusual one here, which a feature that i'd like to see adapted by other messengers too.
i also miss wechat's feature of being able to choose a custom name for myself in each group. but again, i don't know if any other messenger offers that.
I keep an eye on deltachat, hoping, that it might become a viable alternative to phone number associated chat solutions. Not sure how mature deltachat is already.
deltachat is pretty mature for the features that it has. one nice one is that the autocrypt feature works with some regular email clients, so you can exchange encrypted deltachat messages with people who don't have a deltachat client.
it handles groups, image sharing, and integrates videochat with a configurable url (so you can use any video chat that can be opened through a webbrowser)
Acc to telegram:
> Telegram may disclose IP addresses and phone numbers
How do you propose this data is masked? You need a phone number to use Telegram (and Signal), and you need an internet connection, thus exposing your IP address.
I’m not sure why you think Signal does not have this information.
https://signal.org/bigbrother/cd-california-grand-jury/
> variety of information we don’t have, including the target’s name, address, correspondence, contacts, groups, calls.
Horrible UX compared to WhatsApp, no sync of messages between devices, walled garden like WhatsApp, you can't have your own custom client
only thing: not Facebook & open source
You can have all of that with a Matrix client (except good UX, that's unique to Telegram)
> not Facebook
Bingo!
> Horrible UX
It got way better in the past few years. When I did the initial push with my friends, we failed. Mainly because the basic functionality was buggy at times, such as messages that would simply not be received. But now it's running real smooth imo. Sure, there are a few things I would like to see. Polls is a big one. Maybe a smooth gif creation like WhatsApp -- but those are fairly minor. My experience is that it gets pretty much the job done and that's all I want from it. What exactly is so horrible about it in your experience?
> only thing: not Facebook & open source
Those two are pretty big positives, at least for me. That's pretty much exactly what I'm looking for.
> You can have all of that with a Matrix client
Well ... unfortunately that's a bit much for your average Joe, simple as.
This means no history sync, no seamless device switching, no contact discovery, no search. That's not what people want.
Very easy to integrate custom notifications with bots. Signal is more like "maybe it works with this 3rd party tool". Also being able to use custom buttons with bots.
Telegram has a great bot feature, that you can use to do a bunch of stuff (from smart house notifications, to "uptime robot" tracking of services up/down states, build results, temperature alarms, server monitoring, etc. One curl oneliner, and you get a message on your phone with whatever data needed (even with an image/graph or a file attachment).
Any reason? I’ll give you some serious ones.
Signal sucks really bad on user experience and features. If you try both for a week or two and learn about the features, you’d be able to conclude the same.
Signal does not care about users and prevents backups on iOS. Lose your device or delete the app due to some issues and reinstall? All your chats are gone!
Signal still has message delivery issues (like long delays)…it’s 2022!!!
Signal keeps pestering me to allow notifications and to allow contacts access. I can only choose “Not Now”, since there is no option that says “No”. When I choose “Not Now”, it will say “we’ll remind you later” and pester me again. I don’t understand why anyone would assume that this app cares about privacy or about users’ time.
When you’re knee deep in conversation with someone you’re probably not going to say, “oh hey we should switch to email so we can keep a record of this”. It might not even occur to you that the conversation could ever be of value.
There’s been several occasions when my life has been made much more easy for having been able to dig up some old message in iMessage, Telegram, etc from as far back as multiple years ago sometimes because the way things played out the pertinent info didn’t exist anywhere else simply because nobody involved could’ve ever guessed it had any importance.
Why do you think that? Did you lose any messages? 'cause I can scroll back months and still see all my messages there. Never noticed any loss.
> Signal does not care about users and prevents backups on iOS. Lose your device or delete the app due to some issues and reinstall? All your chats are gone!
Switching out devices is something that happens often enough for many users that transferring history should not be an ordeal. Even the most careful users will occasionally break their phones, and sometimes people need to switch platforms for whatever reason.
WhatsApp suffers from this issue too, at least when trying to migrate histories between platforms.
i think deltachat is possibly the only one that can transfer encrypted messages because you can copy the encryption keys and the messages are just mails, easy to copy (and usually stored on your mail server too)
i don't know how matrix handles this, but from the way verification works there, i am not confident.
https://support.signal.org/hc/en-us/articles/360007059752-Ba...
I think it has something to do that Signal won't trust iCloud as Backup target.
Signal cares about privacy (unlike Telegram) and the evidence is right there in their respective source repositories.
Hm, for me Signal does all I need: Chat, voice chat, video chat, group chat, sending text, pictures, videos, whatever. All of that of course encrypted and not financed by a Russian millionaire/billionaire.
> Signal still has message delivery issues (like long delays)…it’s 2022!!!
Haven't noticed those. How sure are you, that your contacts are actually looking at Signal messages (two filled cirles checkmarks) or have network to receive the messages (two unfilled circles checkmarks)?
> Signal keeps pestering me to allow notifications and to allow contacts access. I can only choose “Not Now”, since there is no option that says “No”. When I choose “Not Now”, it will say “we’ll remind you later” and pester me again. I don’t understand why anyone would assume that this app cares about privacy or about users’ time.
OK, that's really annoying then. I usually use Signal on my computer, from which it works very nicely and never asks me any of those things.
My chats being gone from new devices is one reason I use Signal over others.
> Signal still has message delivery issues (like long delays)…it’s 2022!!!
I've sent tens or hundreds of thousands of messages over the course of years and the only time i've had delays is when I had spotty service.
Matrix is decentralised open-source solution. I don't understand why people don't use it more instead of Signal or Telegram. Or Session, but it is not very user friendly.
just so you know, Signal does permanently store sensitive user data in the cloud. They collect your name, photo, phone number, and a list of every person you contact using Signal. That data is stored in your profile on their servers.
Signal really used to not store anything, but that hasn't been the case for a long time now and if this is the first you're hearing about that, it should tell you all you need to know about how trustworthy Signal is.
This is wrong. The German COVID policy is not strict at all. There is a 5 day isolation if you test positive, and you usually have to wear a mask on public transport. That's literally it.
Why should I do that?
Idk about you, but waving flags of the German Reich, following known Neo-Nazis and attending events of far-right organizations, while spreading lies and slogans that originate from right-wing conspiracy theorists, seems kinda right-wingy to me.
Some examples of mainstream media that emphasize the heterogeneous nature of these protests:
https://www.tagesschau.de/faktenfinder/esoterik-impfgegner-c...
https://www.spiegel.de/wissenschaft/mensch/corona-demonstrat...
https://www.sueddeutsche.de/politik/corona-demos-zwischen-hi...
https://www.rnd.de/panorama/esoteriker-auf-corona-demos-tanz...
https://www.faz.net/aktuell/politik/inland/corona-proteste-q...
So I don't think your assessment is fair.
They may not be considered right-wing, but they are falling quite easily for those rat catchers.
Just take the "Truther" movement. Those guys were readily spreading antisemtic bullshit in the last 20 years. They were quite successful in the esoteric scene.
https://twitter.com/martinkulldorff/status/15645903371375493... The look at Great Barrington Declaration. Then look at what the vaccines were promised to do by the authorities and politicians in power, and what the outcome truly was.
Rather like ISP's today aren't responsible for the web pages they deliver - the HTTPS encryption means they couldn't scan or block them even if they wanted to.
ISP's can be required to in fact not deliver certain webpages, usually for copyright reasons. If Telegram redesigns its system like you suggested the courts may just shift to:
Do not broadcast, transmit or make available the channel with the ID XYZ. The channel might not be deleted of course, but if it's no longer accessible that would be essentially the same.
Those are the things I gathered by lightly consuming news. Maybe this is some kind of preparation for winter, where COVID cases are expected to rise in combination with very high energy prices.
Telegram also has some ~700 million monthly active users - it seems unlikely to me that there are even 700 million alt-right people in the entire world.
https://www.cicero.de/innenpolitik/nancy-faeser-und-kommende...
So she's basically considering every upcoming protest against government due to exorbitant high energy price being anti-constitutional and undermined by violent right-wing extremists.
This is not somy dystopian future, this is Germany 2022.
"Telegram: An important opposition tool abroad, a radicalising cesspit at home."
https://twitter.com/argonerd/status/1296552428620451842?lang...
https://www.golem.de/news/an-die-polizei-telegram-bittet-nut...
First it is just the IP and phone number. Then, it will be extended to contacts. Because, why not, that can be useful also for "terrorist investigations". Then it will be chat history,because it makes sense, the police has a warrant... And telegram is technically able to...
Also, clever poll tactic to put the option 1 as looking 'moderate' in front of other extreme options.
Also, for the fighting "terrorism" argument, just remember that we are all terrorists for Russia, and that even in Europe (Germany, France, ...), A lot of high ranking gov and police officials were found guilty of corruption or abusing the system for their own interests!
That is I imagine requests would be in the shape of "here is a username give us IP and phone number".
It is also relevant to know whether German courts can order to collect this information, it is also relevant that German courts apply German jurisdiction universally (an example there are African war lords convicted of war crimes that have no relation to Germany or German citizens).
Personally I would prefer privacy first companies to focus on lobbying the idea that these kind of court orders are to be used sparingly rather than enter an adversarial arm race with regulators.
Anyway, “slippery slope” is an extrapolation and not an argument, cannot be used as such. You can naively extrapolate everything, e.g. I was too lazy to take out the trash today … and then I’ll try heroin. I couldn’t get a raise and switched jobs … and then I will be trafficking humans. I disagreed with my spouse … the divorce is imminent. I asked customers what they think of a complex issue … I will sell their laundry to everyone. This is all nonsense.
Yes literally all the time in the United States.
The horseman of the privacy apocalypse is roughly - Terrorism, Drugs, and CP.
What are these other ways to investigate suspects you're thinking that are preferable to building out networks from Telegram metadata? Bugging houses? Threatening family members to rat people out? Deep cover covert agents? Are any of those less subject to abuse?
Do we only then use digital services to spy on those not savvy enough or careful enough to be private? What if everyone achieves Signal level privacy, or better? We end up having to answer the same question as before: what other methods are possible.
They get banned of it eventually, exactly the reason why this thread exists (telegram evaluates an idea of staying in Germany by relaxing some privacy rules, remember? It’s not their decision, but Germany’s). When reality changes, so do rules, they are not set in “capstone”. A couple of demolished buildings and the general public starts asking: why do we have so much of <whatever comes to mind> when it’s clearly dangerous.
We live in a society, I don’t see how giving out basic information to law enforcement with a court order is somehow a fault of the company - first of all, your mobile service provider knows orders of magnitude more info on you (and quite likely sells it as well), second of all, your employer will do the same without a second thought as well as your bank, etc.
Then, just share a few of them, not a big step but it starts the machine of making it easy to share more and more little by little.
First IP, then IP and phone nb, then IP, phone nb, and connection log, then IP, phone, connection log, and geodata; then IP, phone nb, connection log, location data; then IP, phone nb, connection log, location data, contacts; Then IP, phone nb, connection lots, location data, contacts, chats ...
If you look at the "because terrorism" reason, it can apply at any of these data.
No one will say: we think they are terrorist, share their IP but not their location or their chat.
Not German, but still want to know
Since the poll already has >1.1 million votes, I wouldn't expect those numbers to change a lot
At a minimum, users should be informed that their info was shared with government.
Eg. Would users have been more accepting of YouTube removing the dislike button if the proposal had won a user poll?
How to avoid this?
Don't store any data, as simple as that.
Use p2p E2EE services. The server will only orchestrate between connections but no actual data will pass through it, giving the cops absolutely nothing except connection logs! Sure, they can still see when you connected and who you requested to talk with, but there are many mitigations and (unless they actively sniff you) they won't even have a byte of data you actually sent to that person
Purchases are where the sales at. Strange that these sellers aren’t using more secure messengers.
I believe that illegal activity is a good litmus test for a messenger, much better than forum theories or headlines. If for some reason drug dealers stay away from particular apps, so should you.
41% OPTION 1: No changes. Telegram may continue to share IP addresses and phone numbers of terror suspects only based on a court decision
21% OPTION 2: Upon request by German police authorities, Telegram may disclose IP addresses and phone numbers of suspects of serious crimes, even if not supported by a court decision.
34% OPTION 3: Under no circumstances may Telegram share user information, including IP addresses and phone numbers of terror suspects.
4% No opinion / I am not from Germany
No, sorry, we are not. Not by a long shot. Most people here do not have a good understanding of these issues and "just want to live their life", meaning continue to be uninformed, as long as it is convenient.
It is quite difficult to even get people to try Signal or other option, to really give it a chance, because they are so prone to the network effect. They install all kinds of shit apps on their phones, but one more privacy friendly chat app? Nahhhh ...
Wire and Threema are serious privacy-focused messengers. They have all things necessary for good privacy: full E2E, pseudonymous IDs not linked to phone numbers, multiple accounts, ephemeral accounts, side-channel authentication, etc.
Signal is something in between. It is not enough for state of the art privacy (as it is linked to phone numbers which are really tightly coupled to real-world identities), and it doesn’t provide a lot of features to be a good development platform. I think it is stuck in its current state, and no longer evolving.
Matrix offers all that, and bots and public channels
Well, obviously because Telegram officially allows and supports bots and WhatsApp doesn't and actively tries to ban them.
Thats more of a policy difference than a technical or conceptual difference IMO.
1.26 mio. votes; Option 1 (41%), Option 2 (21%), Option 3 (34%), Option 4 (4%).
Currently the poll stands at:
* OPTION 1: 40%
* OPTION 2: 21%
* OPTION 3: 35%
* (no opinion): 4%
with 1.3 million votes so far.
I like the outcome (personally, I don't think the "store nothing" approach of OPTION 3 is really necessary), although the 21% that push for even less privacy are a bit concerning