Content pfp
Content
@
0 reply
0 recast
0 reaction
Thomas pfp
Thomas
@aviationdoctor.eth
1/ France is once again in the spotlight for unfortunate reasons — this time, the arrest of Telegram’s CEO, Pavel Durov. I’ve done a bit of digging among French sources to figure out what’s happening. A 🧵
20 replies
42 recasts
110 reactions
Thomas pfp
Thomas
@aviationdoctor.eth
2/ Durov was arrested at Le Bourget airport near Paris last night after flying there from Baku (Azerbaijan) on his business jet. He was accompanied by his bodyguard and personal assistant, and was planning to have dinner in Paris that evening.
1 reply
0 recast
16 reactions
Thomas pfp
Thomas
@aviationdoctor.eth
3/ The arrest was motivated by an outstanding search warrant against Durov. It is unclear whether Durov was aware of the warrant before deciding to fly to France.
1 reply
0 recast
7 reactions
Thomas pfp
Thomas
@aviationdoctor.eth
4/ The warrant was issued by a judge based on a request by the “Minors Office” (OFMIN). In that sense, the arrest is neither arbitrary, political, nor unlawful.
1 reply
0 recast
8 reactions
Thomas pfp
Thomas
@aviationdoctor.eth
5/ OFMIN is a 40-strong specialized police unit reporting to the Ministry of Interior and created in November 2023 to investigate online crimes against minors.
1 reply
0 recast
8 reactions
Thomas pfp
Thomas
@aviationdoctor.eth
6/ As far as I can tell, OFMIN is not accusing Durov himself of crimes against minors. Instead, Durov is being accused of either refusing to filter Telegram for child sexual abuse material (CSAM), or refusing to cooperate with French police on specific CSAM investigations involving Telegram, or both.
1 reply
1 recast
12 reactions
Thomas pfp
Thomas
@aviationdoctor.eth
7/ The CSAM problem is real and widespread. The French OFMIN received 318,000 reports in 2023, up from 227,000 in 2022. Not all those involve Telegram, of course.
1 reply
0 recast
8 reactions
Thomas pfp
Thomas
@aviationdoctor.eth
8/ 90% of those reports actually originate from the U.S. nonprofit National Center for Missing & Exploited Children (NCMEC), and are forwarded to OFMIN only because either a perpetrator or a victim used an IP geolocated in France.
1 reply
0 recast
9 reactions
Thomas pfp
Thomas
@aviationdoctor.eth
9/ There are precedents for platform providers attempting to moderate CSAM. Most famously, Apple engineered an iCloud photo scanning tool that detects CSAM.
1 reply
0 recast
7 reactions
Thomas pfp
Thomas
@aviationdoctor.eth
10/ That project launched in August 2021 and was terminated two years later. Apple determined that there was no way to filter CSAM without making unacceptable tradeoffs to user privacy, and that the latter’s importance trumped the former’s.
2 replies
0 recast
6 reactions
Thomas pfp
Thomas
@aviationdoctor.eth
11/ It seems that over the years, Durov reached a similar conclusion as Apple and refused to implement moderation tools that would monitor Telegram chats to detect and report CSAM.
2 replies
0 recast
9 reactions
Thomas pfp
Thomas
@aviationdoctor.eth
12/ It also appears that he refused a French judge’s request to hand over encryption keys (or to use them to decrypt communications from suspects) in one or more CSAM cases, leading to the warrant.
1 reply
0 recast
9 reactions
Thomas pfp
Thomas
@aviationdoctor.eth
13/ The French media also make references to non-CSAM police cases involving Telegram communications: terrorism, organized crime, drug trafficking, etc. So it is possible that the warrant is also for Durov’s refusal (in his CEO capacity) to comply with those other investigations.
1 reply
0 recast
7 reactions
Thomas pfp
Thomas
@aviationdoctor.eth
14/ In cypherpunk fashion, you may disagree with laws that require communication providers to hand over to investigators the contents of private communications (encrypted or not) in response to a legal subpoena.
1 reply
0 recast
12 reactions
Thomas pfp
Thomas
@aviationdoctor.eth
15/ But that happens all the time in many, if not most, countries (and it still beats the state having a backdoor into the encryption). Furthermore, it has little to do with the country being democratic or not.
1 reply
0 recast
8 reactions
Thomas pfp
Thomas
@aviationdoctor.eth
16/ Democracy is only a mechanism for deciding how laws are passed. It is orthogonal to deciding whether the laws should value privacy more than the so-called public interest or security.
1 reply
0 recast
11 reactions
Thomas pfp
Thomas
@aviationdoctor.eth
17/ Regardless of your own view on this tradeoff, it’s unlikely that cypherpunks can ever convince states of the absolute sanctity of privacy in communications.
1 reply
1 recast
11 reactions
Thomas pfp
Thomas
@aviationdoctor.eth
18/ All it takes is one particularly egregious case of terrorism or child trafficking for the public opinion to side again with those who would rather give up privacy for security.
1 reply
0 recast
11 reactions
Thomas pfp
Thomas
@aviationdoctor.eth
19/ If you believe in the sanctity of privacy as a cornerstone for freedom and government overreach avoidance, then the best remedy is to build, fund, promote, and use…
1 reply
1 recast
10 reactions
Thomas pfp
Thomas
@aviationdoctor.eth
20/ … auditable, open-source, end-to-end encrypted (E2EE) software whose design doesn’t even offer the possibility of such privacy violations, because no server holds the keys. It also shouldn’t depend on centralized failure points like GitHub (thanks @nicom for that last point).
1 reply
0 recast
14 reactions
Thomas pfp
Thomas
@aviationdoctor.eth
21/ Unfortunately, Telegram is *not* one such software, and the responsibility for that questionable design lies entirely with Durov. In Telegram, you *can* initiate an E2EE channel, but it takes extra steps and is not intuitive.
2 replies
0 recast
9 reactions
Thomas pfp
Thomas
@aviationdoctor.eth
22/ By default, chats rely on server-side encryption, which means that Telegram can be subpoenaed or coerced into giving up the keys.
2 replies
0 recast
9 reactions
Thomas pfp
Thomas
@aviationdoctor.eth
23/ Other software such as Signal or WhatsApp use E2EE by default, so they are technically unable to violate their users’ privacy (except by capturing what happens at the app level, of course). This means that their CEOs cannot be held responsible for not complying with investigations.
1 reply
0 recast
8 reactions
Thomas pfp
Thomas
@aviationdoctor.eth
24/ The downside, of course, is that some countries prefer to simply ban those apps over which they can exert no control.
2 replies
0 recast
7 reactions
Thomas pfp
Thomas
@aviationdoctor.eth
25/ At any rate, Durov will now be held in custody (“garde à vue” or GAV) with legal counsel present during questioning. The standard GAV duration is 24 hours extendable to 48.
1 reply
0 recast
7 reactions
Marcela pfp
Marcela
@laursa.eth
in brazil this has almost happened dozens of times
0 reply
0 recast
1 reaction