Update March 8, 2022: EFF has clarified that Channels and Groups are not fully encrypted, end-to-end, updated our post to link to Telegram’s FAQ for Cloud and Secret chats, updated to clarify that auto-delete is available for group and channel admins, and added some additional links.
Russians and Ukrainians are both prolific users of Telegram. They rely on the app for channels that act as newsfeeds, group chats (both public and private), and one-to-one communication. Since the Russian invasion of Ukraine, Telegram has remained an important lifeline for both Russians and Ukrainians, as a way of staying aware of the latest news and keeping in touch with loved ones.
Telegram has gained a reputation as the “secure” communications app in the post-Soviet states, but whenever you make choices about your digital security, it’s important to start by asking yourself, “What exactly am I securing? And who am I securing it from?” These questions should inform your decisions about whether you are using the right tool or platform for your digital security needs. Telegram is certainly not the most secure messaging app on the market right now. Its security model requires users to place a great deal of trust in Telegram’s ability to protect user data. For some users, this may be good enough for now. For others, it may be wiser to move to a different platform for certain kinds of high-risk communications.
Right now the digital security needs of Russians and Ukrainians are very different, and they lead to very different caveats about how to mitigate the risks associated with using Telegram. For Ukrainians in Ukraine, whose physical safety is at risk because they are in a war zone, digital security is probably not their highest priority. They may value access to news and communication with their loved ones over making sure that all of their communications are encrypted in such a manner that they are indecipherable to Telegram, its employees, or governments with court orders.
If you are in Ukraine, here is what you need to know about Telegram:
Channels are not fully encrypted, end-to-end. All communications on a Telegram channel can be seen by anyone on the channel and are also visible to Telegram. Telegram may be asked by a government to hand over the communications from a channel. Telegram has a history of standing up to Russian government requests for data, but how comfortable you are relying on that history to predict future behavior is up to you. Because Telegram has this data, it may also be stolen by hackers or leaked by an internal employee.
Groups are also not fully encrypted, end-to-end. This includes private groups. Private groups cannot be seen by other Telegram users, but Telegram itself can see the groups and all of the communications that you have in them. All of the same risks and warnings about channels can be applied to groups.
If you do not have secret chat turned on, your chat communications can be exposed or seen just like channels and groups. If you do turn on secret chat, then Telegram cannot see the contents of your communication, but they still have access to metadata about the communications, including who you talked to and when you talked to them. It may be possible to draw very specific conclusions about what you are doing based only on the metadata about your conversation.
For many Ukrainains, the finer points of encrypted communications are probably not the highest priority at this moment, but for soldiers, government officials, or journalists, these may be important considerations. If you need to communicate with a group and it is important that Telegram should not have access to the data or metadata surrounding these communications, move your communication to an alternative platform such as Signal (see our guides for Android and iOS), Wire, Threema, or WhatsApp (see our guides for Android and iOS). This list is not exhaustive and each of these apps has their own drawbacks and advantages, some of which are discussed here.
Ukrainians may also be targets for account compromise. This is an especially high risk for the administrators of certain channels and for high-profile users that Russian hackers may wish to impersonate in order to spread misinformation or propaganda.
Telegram users should do the following to secure their accounts:
- Have a strong, unique password that you store in a password manager.
- Turn on two-factor authentication for your account.
- Make sure that you also have a (different) strong password and two-factor authentication turned on for the email account associated with your password recovery address.
Ukrainians may also be concerned about seizure of their phones by Russian soldiers (Russian police have already begun such seizures in Moscow) who may compel them to unlock their phones and show the soldiers their communications. If you are concerned about protecting sensitive Telegram messages, make sure that your communications are in a secret chat with self-destructing messages set to a short timeframe.
Short of erasing the content on your phone before it is seized, there is no way for members to set an auto-delete timer for a channel or a group chat. In groups or channels, only admins can enable or modify the auto-delete timer. Other platforms do provide this capability. For example, Signal has end-to-end encrypted group chats that allow members to set a timer for disappearing messages.
If you are in Russia, here is what you need to know about Telegram:
For Russians, the risks posed by insecure communications may lead to arrest, violence, or other forms of government intimidation. This is especially true for Russians practicing independent journalism, vocally opposing the invasion of Ukraine, or organizing anti-war protests. These are all groups that may be especially interested in keeping their communications out of reach of the Russian government or pro-government hackers, and who may wish to take extra steps to hide their identity from the Russian government and even from their fellow organizers.
All of the same risks that your Telegram communications may be exposed in channels, groups, and chats apply to Russians as well as Ukrainians. Russians may be more willing to prioritize safe and secure communications over simply being able to communicate at all, because physical danger is less imminent. Specifically, Russians prioritizing safe and secure communications should move sensitive group chats to an app that supports end-to-end encrypted chats for groups and disappearing messages, such as Signal (see our guides for Android and iOS) or WhatsApp (see our guides for Android and iOS). If Russians are concerned about linking their identity to a phone number, they should use an app that provides end-to-end encrypted chat capabilities but does not require a phone number to join, such as Wire or Threema.
Russians should also secure their accounts against compromise with two-factor authentication.
Russians may also be concerned about the seizure of their phones by government authorities who force them to unlock the device and show their messages. They may wish to turn on disappearing messages as shown above.
Due to a combination of foreign sanctions and government censorship, it may not always be possible to reach an app store to install a new app or to pay for a new app even if you are willing to buy one. For these reasons, it is important to understand the risks posed by Telegram and to practice caution.
Security is a team sport and it only works when we look out for one another.