79 comments

[ 2.6 ms ] story [ 132 ms ] thread
I wonder why Putin/Russia is yelling about this, the guy's become a persona non grata in Russia according to Wikipedia. Perhaps he's secretly cooperating with Putin? Or maybe Putin's regime is afraid the French will uncover their propaganda networks on Telegram...
Russian forces are using telegram channels in mission operations in the invasion of Ukraine.
I believe so are Ukrainian forces.
Telgram is banned in UAF
UAF itself is on Telegram. I think that their decision to not use a social media type app for war inter-communication makes sense. Not matter what country you are in.
This move may not be what it seems. He may have sought protection from Putin and the charges are a cover.
(comment deleted)
I've assumed it is because domestically it looks good for him to 'support' a Russian citizen, while simultaneously being a bad look for Durov in the west.
Maybe cause when you take down one Billionaire and get away with it, the temptation to take down another increases. Russian oligarchs need to go if US/EU is serious about regime change there.
(comment deleted)
Optics. Putin has no influence over what happens in France, so anything he says about this is for propaganda purposes.
Putin criticises / praises lots of things just to make a statement or publish an opinion on some governments. It's not the first time and it's not unusual. It possibly has no relation to what he things of the guy.
That’s just a “Hey, you Gershkovich’ed one of ours!” show. The point they are trying to get across is that they are doing the same the West does. Durov (still) being a Russian citizen certainly helps them.
Until he starts to capitulate to censorship, especially of anti-Israeli and pro-russian groups, they will continue to pin all indirect criminal activity on him.

Free speech is defined as speech free of threats to the establishment.

I've heard rumors that this particular arrest was made for the unspoken reason that Israel had a major intelligence leak, collections of which are distributed on Telegram that the service has been 'unresponsive' for taking down.

France cooperating with Israel on this makes too much sense.

https://archive.ph/wpYTK

It does make more sense as the trigger than the Russia/Ukraine situation. Here is the summary (The original Haaretz article is paywalled, please only focus on the Haaretz quotes and not the rest):

https://www.aa.com.tr/en/middle-east/anti-israel-hackers-hav...

"The leaked data has appeared on platforms like Telegram, prompting a series of takedown attempts by Israeli authorities. However, Telegram’s limited moderation policies have complicated these efforts."

France has taken a stance on the Israel/Palestine war that is well short of condemning Israel, but is still seen by them as hostile. I doubt they would cooperate in such a high-profile manner. If there is a political goal, it's more likely in order to help Ukraine.
> Free speech is defined as speech free of threats to the establishment.

Well, if free speech for you is pornography with infants...

Freedom to speak without being overheard.

Should all hard drives be monitored by the government because of what they could contain.

Also accusing someone of supporting CP in any way for supporting free speech is just a terrible, and really shitty way to try and win your argument.

That’s a loosely enforced moral code. Not a reason for a high profile arrest like this.
> Complicity in the administration of an online platform to enable illicit transactions by an organised gang Refusal to communicate with authorities

Sounds a lot more like that Telegram is expected to assist law enforcement with investigations into crimes. Inclusion of Csam is to extract public support.

Boss? He is a founder, not a head of mafia.
It's the BBC. 'boss' as a mafia trope is specific to the US.
Yup. Similar to scheme, which doesn't carry the same negative connotation in British English as it does here.
thats what I keep telling the guy at the corner store
The first time I’d heard about Telegram being used was when some dude hacked those modern NeoGeo minis and was distributing CFW there. Figured it must be shady as hell. Have yet to see otherwise.
For reference, Telegram is a ~billion MAU platform - not seeing more than a singular ${thing} on it says more about what you've bothered to look at than what's on the platform. It's also a bit odd to come to Hacker News to specifically name distributing custom firmware itself as the cause of shadiness.
IANAL, but I think that this case mostly has merit. Telegram is not end-to-end encrypted by default. So they have access to the conversations in group chats and non-E2E encrypted DMs.

One of the charges is refusal to provide information when requested by law enforcement. And he is a French citizen, so there might be an explicit obligation to cooperate with law enforcement when requested.

To me it sounds like he’s being done in for not putting E2E encryption on everything.

Whether he should be liable for what others do on his platform is a different matter entirely. But it has merit.

> And he is a French citizen, so there might be an explicit obligation to cooperate with law enforcement when requested.

Seems unlikely. If French law enforcement asked a French citizen working at Microsoft in Washington to exfiltrate some data for an investigation, could they be arrested if they didn't do it?

I don't know French law. but, afaik, the Australia and China can do that to their citizen
Australia can compel a citizen to break the law in a foreign country?
Yes. In fact every country can.
In theory, but that might get you prosecuted in the country you currently reside in, which can easily become a political mess for your home country if the reason gets out.
It's not theoretical. It spans lots of areas, from trivial food safety (you're forbidden/required to wash eggs depending on the country), to social (can't allow / can't deny education for women), and many others. Countries have explicitly conflicting laws in many cases and effectively force people to break another country's laws.
The country where it’s done would likely arrest said person for industrial espionage, if not regular espionage, among other things like unauthorized usage of computer systems, etc.
Looks like they couldn't order an employee in Washington to do it but could order someone inside France to provide the data: https://academic.oup.com/book/27039/chapter/196319372

"The French Code of Criminal Procedure provides that a réquisition ordering access to computer data can permit access to data that is stored in servers outside of France as long as the réquisition involves a terminal that is located in France with authorized access to the relevant data located abroad, and as long as the access is permitted under international law.7 The location of the data itself is irrelevant."

> To me it sounds like he’s being done in for not putting E2E encryption on everything.

That seems fair and indeed completely on Telegram: Having data but not sharing it with law enforcement just doesn't fly pretty much anywhere.

What's concerning is that the French authorities seem to have slapped on an "unauthorized import of cryptology" charge on there. It's bizarre to still have such a law on the books in 2024, and even more so to actually enforce it.

Not "sharing the data" - he's investigated for not acting on it. We can speculate about government control conspiracies etc. but in a more simple scenario - we know telegram is popular for crime and scams and they don't care. Looking further until that part is solved feels weird.
I think you're right, but it can also be politically motivated (it obviously is)
No, the reasons given for the arrest in the press release from the prosecutor's office includes the charge of him not getting appropriate permission before implementing E2E. This is an anti-encyption measure, amongst other things.

https://www.tribunal-de-paris.justice.fr/sites/default/files...

English translation of the last three points:

• Providing cryptology services aimed at ensuring confidentiality without certified declaration.

• Providing a cryptology tool not solely ensuring authentication or integrity monitoring without prior declaration.

• Importing a cryptology tool ensuring authentication or integrity monitoring without prior declaration.

These three points are not about not getting permission, but about not declaring the services offered. The difference being that permission can be refused, but a declaration is just a one-sided formality.

Other services do require permission, like offering cryptanalysis tools or exporting to non-allied countries.

See this info page by the French government: https://cyber.gouv.fr/controle-relatif-un-moyen-de-cryptolog...

So in what way did Telegraph fail to declare the cryptographic services offered?

"Certified declaration" implies an authority that certifies it, i.e. approves it, i.e. has to give permission.

Since the case hasn't yet been adjudicated, I don't know whether or how Telegram failed to provide a certified declaration, but it seems possible that they simply never submitted the form.

"Certified declaration" does not imply any authority giving permission, especially not when the original French is "déclaration conforme." You could call it a "declaration fulfilling the legal requirements" instead if you want.

I find it difficult to imagine that failing to submit a form that does not involve obtaining any kind of approval, would be something you get criminally charged for. To what end would criminal penalties be given for such a benign infraction?
> I find it difficult to imagine that failing to submit a form that does not involve obtaining any kind of approval, would be something you get criminally charged for.

Try not filing the taxes in the US.

> would be something you get criminally charged for.

They clearly just charged him with everything they could think of.

Filing taxes is associated with obligations, that you must meet. Encryption being free to employ would not be accompanied by any such obligations.
Not only do they have access to group chats and non-E2E encrypted DMs, their moderation practices for those are:

https://telegram.org/faq

Q: There's illegal content on Telegram. How do I take it down?

A: All Telegram chats and group chats are private amongst their participants. We do not process any requests related to them.

It gets worse. What they are saying is quite openly, "We have the data you're after. Force us to disclose it."

> Q: Do you process data requests?

Secret chats use end-to-end encryption, thanks to which we don't have any data to disclose.

To protect the data that is not covered by end-to-end encryption, Telegram uses a distributed infrastructure. Cloud chat data is stored in multiple data centers around the globe that are controlled by different legal entities spread across different jurisdictions. The relevant decryption keys are split into parts and are never kept in the same place as the data they protect. As a result, several court orders from different jurisdictions are required to force us to give up any data.

Thanks to this structure, we can ensure that no single government or block of like-minded countries can intrude on people's privacy and freedom of expression. Telegram can be forced to give up data only if an issue is grave and universal enough to pass the scrutiny of several different legal systems around the world.

To this day, we have disclosed 0 bytes of user data to third parties, including governments.

He'll get out - maybe through the embassy. It's not like there would be extradition between Russia and France with the relationship as it is at the moment.
He likely won't go to Russia since he has fought Russia trying the same thing.
What embassy? He’s a French citizen and a persona non grata in Russia.
He's not persona non grata. He visited Russia last time in October 2021 (see recent reporting by Vaznye Istorii). (I doubt he'll escape to Russia though).
Persona non grata that cabinet ministers are clamoring to be "rescued"?
If Telegram is not end to end encrypted, then intelligence agencies already have the information they claim to be seeking.

Therefore the only purpose of this prosecution is to get Durov to toe the line.

The fact that this is happening just before the US elections is not a coincidence. Add to this the synchronised anti-Telegram propaganda from BBC, DW, French media.

He’s being told to play ball or else.

Not sure I understand your reasoning here. It’s illegal to host CSAM and enable organized crime. The fact it wasn’t encrypted just means Telegram doesn’t have plausible deniability.
My key point is the synchronised propaganda by western media, and the timing of this action against Telegram. Very convenient. I’m not surprised that I’m being down voted for pointing this out.
I don’t know what you mean by “synchronized propaganda”. There’s a lot to dislike about Telegram. They are in the middle of pretty much every kind of illegal activity you can think of. So it’s not true to say that only intelligence agencies could have an interest in taking them down.

You are likely being downvoted because your argument contains a hidden but incorrect premise that the only reason a platform CEO would be arrested is for national security reasons. From that (false) premise it would follow that since he isn’t being arrested for national security reasons, his arrest was unjust.

Thanks for the link. It seems Tucker Carlson is making the same incorrect fundamental assumption I mentioned. Unless he establishes it at some point, I don’t see any reason not to dismiss the whole thing out of hand.

I don’t see anyone in the Twitter replies pointing it out, likely because Elon’s algorithm suppresses dissenting voices.

How would intelligence agencies already the info they seek? Not having E2E encryption isn’t the same as not having encryption at all. You could easily keep law enforcement out while you maintain access to the data internally.
This. Durov made his service such that only his company could see (and potentially abuse) the data, but people seem to have been under the false assumption that Telegram has better safeguards against that than other messaging apps when they don’t. In exchange for this power, Durov is held liable for the crimes he gave himself the right to eavesdrop on so none of this is all that surprising to me.
I'm fairly convinced that the arrest of Pavel Durov on content-moderation related issues is actually an attempt by a NATO state at securing information about adversaries, as it's the most used messaging app by Russian forces in Ukraine. Apparently the Wagner Group had developed their own messaging client, ostensibly for this reason.
> it's the most used messaging app by Russian forces in Ukraine

Group chats aren’t encrypted so that would be pretty idiotic if true.

They are encrypted in transit, just not end-to-end encrypted.
Exactly. If he's allowed to be free, but banned from leaving the country, FVEY SIGINT can throw their entire bag of tricks against his comms while working remotely. Maybe they can recover keys, infrastructure details, etc.

Dude is going to need to build his own SCIF, surrounded by proximity detectors and armed guards, offgrid power generation, fed by quantum-resistant encrypted fiber lines with splice detection alarms in a hurry.

Nothing but disdain for FVEY, but this is a solid approach on their part.

It wouldn't surprise me to learn it's the US trying to spy on Ukraine. We don't want to end the gravy train for the Military Industrial Complex with a surprise or cheaper victory, do we?
> actually an attempt by a NATO state at securing information about adversaries

Or disrupt their communications and cause chaos in their command structure. If Russia had to actually build it's own app; the corruption in the Russia state would give as strong of a showing as it's broken tanks.

(comment deleted)