In a significant revelation, Telegram has confirmed that it has complied with 900 requests from U.S. law enforcement agencies, leading to the disclosure of sensitive information, specifically the phone numbers or IP addresses of 2,253 users. This dramatic surge in data sharing marks a notable shift in the platform’s approach to user privacy and law enforcement collaboration, particularly following an announcement made in September 2024 regarding a policy overhaul on user data disclosure.
Historically, Telegram has been utilized for various purposes ranging from private communications among friends and family to interactions with communities sharing common interests or rallying against governmental censorship. However, the platform has also gained notoriety for its association with cybercriminal activities. It has become a common venue for illicit operations involving the sale of illegal services, distribution of stolen data, and execution of cyberattacks.
As highlighted in a recent report by 404 Media, these startling statistics stem from Telegram’s Transparency Report covering the period from January 1, 2024, to December 13, 2024. Prior to the policy change, Telegram was restrictive in its data-sharing practices, providing user information predominantly in cases related to terrorism. Between its founding and September 30, 2024, Telegram processed a mere 14 requests affecting 108 users.
The revised policy now permits the sharing of user data with law enforcement in broader contexts, including various forms of cybercrime, trafficking of illegal goods, and online fraud. According to the updated Telegram privacy policy, the company stipulates, “If Telegram receives a valid order from the relevant judicial authorities that confirms you’re a suspect in a case involving criminal activities that violate the Telegram Terms of Service, we will perform a legal analysis of the request and may disclose your IP address and phone number to the relevant authorities.”
This strategic pivot by Telegram followed increased pressures from global law enforcement, particularly after the arrest of the platform’s founder and CEO, Pavel Durov, in France in late August. He faced numerous charges, including alleged complicity in cybercrime, organized fraud, and refusal to comply with lawful intercept requests that could assist in criminal investigations.
In the wake of this policy change, multiple cybercrime groups have signaled their exit from Telegram; however, findings from cybercrime intelligence firm KELA suggest that despite these departures, the overall cyber threat landscape remains largely unchanged. The reported jump in data-sharing practices in the final quarter of 2024 indicates a shift in Telegram’s operational strategy, though a comprehensive analysis will be expected with the publication of the next transparency report scheduled for April 2025.
For those interested in monitoring Telegram’s transparency efforts, the platform offers a dedicated bot that allows users to access transparency reports relevant to their specific region.
The topic of privacy and user data protection continues to gain traction, seen in other developments such as Apple’s recent $95 million settlement over Siri privacy violations and ongoing controversies regarding data security across multiple platforms. The heightened collaboration between messaging platforms like Telegram and law enforcement emphasizes the delicate balance between ensuring user privacy and facilitating criminal investigations. As more information becomes available in the coming months, the implications of Telegram’s policy shift will undoubtedly provoke further discussion within both tech and legal communities.