Telegram's Evolving Stance on Data Access: A Shift Under Pressure
Posted: Tue May 27, 2025 8:42 am
Often lauded for its strong privacy stance and end-to-end encryption in "Secret Chats," has historically maintained a public position of refusing most data access requests from governments. For years, its official policy stated that "0 bytes of user data" had been transferred to any third party, including governments. This resolute stance cemented its reputation as a haven for privacy-conscious users and, inadvertently, for various illicit activities.
However, this narrative has undergone a significant shift, particularly in late 2024. While Telegram did, in the past, have a policy of disclosing IP addresses and phone numbers in cases of confirmed terror suspects with a valid court order, their practical compliance was often questioned. Reports surfaced, for instance, in 2022, suggesting that Telegram had quietly fulfilled some data requests from German authorities related to terrorism and child abuse suspects, even as it publicly maintained its "0 bytes" claim.
The major turning point arrived in August 2024, with telegram data the arrest of Telegram CEO Pavel Durov in France. While he was later released on bail, the arrest was reportedly linked to allegations of the platform's reluctance to cooperate with law enforcement in investigations involving child sexual abuse material, organized crime, and drug trafficking. This incident appears to have exerted considerable pressure on the company, leading to a substantial policy reversal.
Following Durov's arrest, Telegram updated its privacy policy to explicitly state that it may disclose IP addresses and phone numbers to relevant authorities if a valid judicial order confirms a user is a suspect in a case involving criminal activities that violate Telegram's Terms of Service. This expanded beyond just terrorism cases to include a broader range of criminal activities like cybercrime and online fraud.
The immediate aftermath of this policy change was a noticeable surge in data disclosures. Transparency reports, which Telegram has committed to publishing quarterly (though with varying levels of detail), show a dramatic increase in fulfilled data requests, particularly from the United States, India, and European countries. For example, in the first nine months of 2024, Telegram fulfilled only 14 requests from the U.S. affecting 108 users, but this number jumped to 900 requests affecting 2,253 users for the entire year, with a massive spike from October onwards. Similarly, India saw a substantial increase in requests fulfilled, reaching over 14,000 for more than 23,000 users in 2024.
Therefore, while Telegram previously demonstrated a strong inclination to refuse data access requests – primarily citing user privacy and the sanctity of encrypted communications, and often facing legal challenges and even bans in certain countries for this stance – recent events have led to a marked shift. The pressure from governments and law enforcement agencies, underscored by the arrest of its CEO, has compelled Telegram to become more compliant with judicial orders, especially in cases of severe criminal activity that violate its terms of service. This represents a significant departure from its historical position of near-absolute refusal.
However, this narrative has undergone a significant shift, particularly in late 2024. While Telegram did, in the past, have a policy of disclosing IP addresses and phone numbers in cases of confirmed terror suspects with a valid court order, their practical compliance was often questioned. Reports surfaced, for instance, in 2022, suggesting that Telegram had quietly fulfilled some data requests from German authorities related to terrorism and child abuse suspects, even as it publicly maintained its "0 bytes" claim.
The major turning point arrived in August 2024, with telegram data the arrest of Telegram CEO Pavel Durov in France. While he was later released on bail, the arrest was reportedly linked to allegations of the platform's reluctance to cooperate with law enforcement in investigations involving child sexual abuse material, organized crime, and drug trafficking. This incident appears to have exerted considerable pressure on the company, leading to a substantial policy reversal.
Following Durov's arrest, Telegram updated its privacy policy to explicitly state that it may disclose IP addresses and phone numbers to relevant authorities if a valid judicial order confirms a user is a suspect in a case involving criminal activities that violate Telegram's Terms of Service. This expanded beyond just terrorism cases to include a broader range of criminal activities like cybercrime and online fraud.
The immediate aftermath of this policy change was a noticeable surge in data disclosures. Transparency reports, which Telegram has committed to publishing quarterly (though with varying levels of detail), show a dramatic increase in fulfilled data requests, particularly from the United States, India, and European countries. For example, in the first nine months of 2024, Telegram fulfilled only 14 requests from the U.S. affecting 108 users, but this number jumped to 900 requests affecting 2,253 users for the entire year, with a massive spike from October onwards. Similarly, India saw a substantial increase in requests fulfilled, reaching over 14,000 for more than 23,000 users in 2024.
Therefore, while Telegram previously demonstrated a strong inclination to refuse data access requests – primarily citing user privacy and the sanctity of encrypted communications, and often facing legal challenges and even bans in certain countries for this stance – recent events have led to a marked shift. The pressure from governments and law enforcement agencies, underscored by the arrest of its CEO, has compelled Telegram to become more compliant with judicial orders, especially in cases of severe criminal activity that violate its terms of service. This represents a significant departure from its historical position of near-absolute refusal.