I wrote an op-ed today in @lemonde about Durov's arrest. It's paywalled and French-walled too, so I'll post the key points here!

https://www.lemonde.fr/idees/article/2024/08/29/que-le-sort-de-pavel-durov-ne-serve-pas-de-cheval-de-troie-qui-legitimerait-des-pressions-sur-d-autres-developpeurs-dont-la-situation-n-a-rien-de-comparable_6298532_3232.html

1) You may have noticed that close to nobody in the infosec community (beyond Snowden) is calling for Durov's immediate release. That's because the infosec community knows Telegram has nothing to do with security and TG is not, in fact, a secure messenger. Not by a long shot.

A lot of people have written extensively about this, so I'll just summarize: most chats are only encrypted in transit, and when they are, it's with a proprietary and non-audited protocol. All your data is stored in plaintext on Telegram's servers.

2) It's actually unclear that the authorities view TG as a messenger at all. The indictment uses language that is more fitting to platforms and social media. Elon Musk understands this, which is why he's been vocal about the arrest.

This case IS NOT ABOUT FREE SPEECH. It's about whether platforms should be forced to cooperate with law enforcement (here, on drug / CP cases). EU law says that if problematic content is reported to X/Fb/Linkedin, they must delete it. If they do, they can't be held responsible.

You may disagree. But you cannot frame the situation as "the French government wants to destroy the last bastion of free speech". Also, this is not a political arrest, since prosecutors are independent in France. It's almost certain they didn't ask the government for permission.

3) Most platforms have nothing to worry about. Despite what @andyyen says, there's zero risk for him because he fully cooperates with authorities, which he knows. That was in fact the source of terrible PR for Proton.

The best thing platforms can do to protect themselves is use E2EE everywhere they can and store the least possible user data.
Crucial: don't say no to governments like Durov and go to jail. Create the conditions for your powerlessness. Say "we'd love to but we can't".

4) Maybe the most important point: the battle for free speech and encryption does go on. Telegram never was our champion for this battle and never will. Threats to encryption are still looming in 🇪🇺 and we need to be ready to fight the right battles.

@lemonde @justicerage @andyyen does TG run advertisements? If so, no privacy for the users. But we’ve all known this for years.