In a major policy reversal, the popular messaging app Telegram has announced it will
give users’ IP addresses and phone numbers to authorities in response to valid legal
requests in an attempt to rein in criminal activity on the platform.
“We’ve made it clear that the IP addresses and phone numbers of those who violate our
rules can be disclosed to relevant authorities in response to valid legal requests,”
Telegram CEO Pavel Durov said in a post.
Such data disclosures, it said, will be included in its periodic transparency reports. It
further noted that the service may collect metadata such as IP address, devices and
Telegram apps used, and the history of username changes to tackle spam, abuse, and
other violations.
It’s worth noting that a previous version of its policy limited user information sharing to
cases involving terror suspects: “If Telegram receives a court order that confirms you’re
a terror suspect, we may disclose your IP address and phone number to the relevant
authorities.”
https://thehackernews.com/2024/09/telegram-agrees-to-share-user-data-with.html
RITC Cybersecurity’s take:
Honestly, we are a little shocked by this abrupt change in policy, but as the story notes,
this is most likely driven by Pavel Durov’s arrest in France. Whether this change in
policy is a good idea or a bad idea, and what precedent it sets for other companies like X,
who have been in the news recently and targeted by nation-states, remains to be seen.