From Russia With Crypto: A Political History of Telegram1 - Usenix
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
From Russia With Crypto: A Political History of Telegram 1 Nathalie Maréchal, University of Southern California Abstract they wish to access notwithstanding censorship at- This paper offers a political history of Telegram, a plat- tempts by nation-states or other actors, express them- form that combines aspects of social networking with selves as they wish in both the public sphere and in secure messaging, and whose vocal commitment to user private, or any combination of the above. Controver- privacy and freedom of expression has brought it into sially, many such tools have institutional, financial, or open conflict with a number of governments, most re- ideological ties to the U.S. Internet Freedom agenda, to cently in Iran and Russia. A detailed project history Silicon Valley corporations, or both, raising vital ques- traces Telegram’s roots to Pavel Durov’s ouster from tions about the relationship between U.S. power, social Vkontakte, the social networking site he had founded, movements, and international relations in the 21st cen- at the behest of the Kremlin. The paper then analyzes Telegram’s ideology and politics by focusing, in turn, tury. But unfortunately, much of the discussion about on Telegram’s emergence in the context of Vladimir digital rights technology fails to adequately distinguish Putin’s crackdown on technologically-enabled civil between Internet Freedom as a component of U.S. for- society; on Pavel Durov’s cyber-libertarianism; and on eign policy, the commercial interests of Silicon Valley Telegram’s peculiar business model. The analysis corporations, and digital rights as a normative commit- shows that while Telegram’s rhetoric emphasizes user ment to human rights online. Understanding these new security, privacy, and freedom of expression, the com- digital rights technologies, their development histories, pany fails to demonstrate that it actually lives up to their business models, and the ideologies that discur- these commitments. Rather than earning user trust sively sustain them is vital for understanding communi- through transparency and accountability, Telegram’s cation, politics, and power in the 21st century. value proposition hinges on blind trust on Pavel Durov’s good intentions and his team’s stated creden- This paper, which is part of a broader study on the po- tials. litical economy of digital rights technology (see Maréchal, 2018), examines one tool that lacks any con- 1. Introduction nections to the Internet Freedom agenda, to Silicon Val- Many governments are increasingly willing and able to ley, or to the United States: Telegram, a platform that surveil internet users and to control the flow of informa- combines aspects of social networking with secure tion within and across their borders. In response, vari- messaging. In fact, founder Pavel Durov has been pub- ous groups are developing software tools to maintain licly critical of the Internet Freedom agenda as an ide- privacy and/or access to the open internet and preserve ology, arguing that U.S. government funding renders an important “coordination good” — an activity people tools like Signal and Tor fundamentally untrustworthy engage in to win power, but that governments can re- (Levine, 2017). But even as Telegram rejects the dis- strict in order to undermine disruptive social move- course of liberation technology (Diamond, 2010), it ments without excessive repercussions on the economy positions itself as an alternative to Silicon Valley plat- (Bueno de Mesquita and Downs, 2006). These “digital forms and to tools linked to the U.S. Internet Freedom rights technologies” (Maréchal, 2018) allow individuals agenda for users who value “freedom,” particularly to better protect their privacy, access the information freedom from a heavy-handed state (Durov, 2018), dis- cursively linking itself to related concepts like emanci- 1 This conference paper is adapted from Chapter 8 of my PhD dissertation (2018), titled Use Signal, Use Tor? The Political Economy of Digital Rights Technology. The study explores the political economy surrounding some of the new communications tools undergirding 21st century social movements through four case studies focused on digital rights technology projects: Psiphon, Tor, Signal, and Telegram. Page 1 of 20
patory communication practices (Milan, 2013) and tings interface. In addition to exchanging messages with freedom technologists (Postill, 2014). Indeed, Telegram individual contacts or groups of contacts, users can also grew out of an effort to thwart Russian state sur- subscribe to large group chats known as Channels, veillance, and the literature supporting Telegram’s early which can include up to 100,000 users. These public 2018 Initial Coin Offering (ICO) positions the company Channels are akin to email distribution lists and are as an explicitly libertarian project (Telegram, 2018). It notably used in Iran to circumvent restrictions on the thus provides an interesting contrast to other digital traditional mass media. The Telegram app lacks a dis- rights technology projects, whose cyber-libertarian covery mechanism, however, and it seems that most leanings are tempered by the rhetoric of human rights users select Channels to follow through word-of-mouth and by the transparency and oversight requirements or by consulting lists maintained online. I followed associated with nonprofit status, contractual obligations, “Durov’s Channel,” which Pavel Durov uses to com- and/or grant reporting requirements. municate with users directly, throughout the fieldwork period. Telegram’s API is open, allowing the use of We begin with an overview of basic information about third-party clients. Telegram: what it is, what it does, and how. Next, a detailed project history traces Telegram’s roots to Pavel 1.2. The basics: What is Telegram? Durov’s ouster from Vkontakte, the social networking Telegram is a smartphone and desktop application that site he had founded, at the behest of the Kremlin. The combines “secure” messaging with elements of a social following sections analyze Telegram’s ideology and networking site, developed by Russian-born brothers politics by focusing, in turn, on Telegram’s emergence Pavel and Nikolai Durov and launched in August 2013 in the context of Vladimir Putin’s crackdown on tech- (though Telegram’s security claims merit further scru- nologically-enabled civil society; on Pavel Durov’s tiny). As of March 2018, Telegram boasted 200 million particular brand of cyber-libertarianism and its cypher- monthly active users (Durov, 2018). Its all-male, 15- punk roots; and on Telegram’s peculiar business model, person development team is currently based in Dubai, which allows Telegram to operate without answering to and reportedly comprises “ethnic Russians” exclusively any higher authority than Pavel Durov himself. (Telegram, 2018; Walt, 2016). 1.1. Data, sources and methods The Durovs had previously founded the social network- This study is based on content analysis of Telegram’s ing site Vkontakte or VK, but were forced out by the Kremlin after the platform was used to organize mass publications and of public statements by the Durov brothers (many communicated via Telegram itself), protests against the results of the 2011 legislative elec- tions, widely suspected of being rigged in favor of analysis of media coverage, and secondary sources, as well as select interviews with cryptographers and others Vladimir Putin’s United Russia party. The FSB, Rus- sia’s security service and a successor agency to the with expertise on the subject matter. Most of the con- sulted sources were in English, and I used Google KGB, asked VK to turn over user information and to remove certain content relating to the protests, which Translate on a small number of Russian-language sources. Vkontakte CEO Pavel Durov refused to do. He was subsequently forced to sell his interest in VK to an oli- Following the walkthrough method for studying apps garch close to the Kremlin, after which the shares were sold to the Russian internet company mail.ru. described by Light et al. (2016), I downloaded the Telegram app on my personal iPhone.2 The user inter - The brothers have been living in exile ever since, and face is very simple, featuring a contacts list, a list of Telegram’s team has operated from a variety of loca- chats (groups and individual interlocutors), and the set- 2 The walkthrough method is “grounded in a combination of science and technology studies with cultural studies” (Light et al, 2016, p. 1), and “is a way of engaging directly with an app’s user interface to examine its tech- nological mechanisms and embedded cultural references to understand how it guides users and shapes their experi- ences” (p. 2). The process invites the researcher to engage with the app in the same way that a new user would, from initial sign-up, to usage, to exiting from the app (including terminating one’s user account, if applicable). Page 2 of 20
tions around Europe before recently moving to Dubai lated. In some ways, it was more liberal than the United (Telegram, 2018; Walt, 2016). Telegram was entirely States” (Hakim, 2014). Since then, of course, the state funded by Pavel Durov himself until early 2018, when has clamped down on all forms of media, including the the company announced an ambitious plan to develop a internet, as we will see in the next section. “Since I’m blockchain-based ecosystem comprising encrypted obviously a believer in free markets,” Durov told the cloud storage, censorship-resistant technology, and a New York Times, “it’s hard for me to understand the cryptocurrency called the “Gram” (Telegram, 2018). As current direction of the country” (Hakim, 2014). of early April 2018, an Initial Coin Offering (ICO) pre- sale had raised over $1.7 billion, after which the formal Durov says that he’s “not a big fan of the idea of coun- ICO itself was cancelled, possibly as a way to sidestep Securities and Exchange Commission (SEC) require- tries” (Hakim, 2014), and often seems to thumb his ments (Jeffries, 2018; Moore, 2018). nose at the idea of national sovereignty, particularly at the idea that national laws apply online, bringing to 2. Project history mind J.P. Barlow’s Declaration of the Independence of Telegram is the brainchild of Russian brothers Nikolai Cyberspace (1996). For example, in 2007, Durov de- and Pavel Durov, who previously founded the social cided to allow VK users to upload music and videos site Vkontakte or VK (meaning “in contact,” in Russ- regardless of copyright, drawing opprobrium from the ian). The sons of a university classics professor, the U.S. government and lawsuits from the recording in- brothers spent part of their childhood in Italy before dustry. The company didn’t start proactively enforcing returning to their native St. Petersburg. The eldest, copyright laws until late 2013, after the Duma, Russia’s Nikolai, holds two PhDs in mathematics, while Pavel legislature, passed a law ordering that sites that facili- studied linguistics at St. Petersburg State University and tate copyright violations be blocked (Dredge, 2014; learned computer programming from his brother. After Hakim, 2014; Yaffa, 2013). In a 2012 manifesto pub- university, he “trained in propaganda” as part of his lished in the magazine Afisha, Durov argued that Russia compulsory military service, immersing himself in the should “rid society of the burden of obsolete laws, li- writings of Sun Tzu, Genghis Khan, and Napoleon censes, and restrictions … the best legislative initiative (Hakim, 2014; Yaffa, 2013). is absence” (Durov, 2012, cited in Yaffa, 2013). Pavel Durov was in his early 20s when Facebook first By 2011, Vkontakte was Russia’s leading internet prop- launched on American college campuses, and he was erty. Like elsewhere, internet users in Russia took ad- among a handful of Russian developers racing to build vantage of the platform’s affordances to create groups the first Russian social networking site. VKontakte and organize events of all kinds, including many dedi- launched in 2006, with a graphic user interface that is cated to politics and social causes. In a country where noticeably similar to Facebook’s, down to the blue-and- civic and political activities had long been strictly con- white color palette. By the time Facebook opened itself trolled by the ruling Communist Party, this newfound to all users — and not just those with a .edu email ad- ability for ordinary citizens to self-organize represented dress — VKontakte had cornered the market on the a threat to the status quo. Moreover, Russian political Russian-speaking internet, known as the RuNet. elites were highly suspicious of the internet, which it held responsible for a host of perceived maladies as The Western media often calls Pavel Durov “the Russ- varied as youth suicide, drug usage, homosexuality, and ian Mark Zuckerberg,” and his personal philosophy critiques of traditional society and religion (Maréchal, does indeed have much in common with Silicon Valley 2017; Ognyanova, 2015). Vladimir Putin had then been cyber-libertarianism. He started VK during the fleeting prime minister for three years, following two terms as period of time when it seemed that Russia might be president (2000-2008). In September 2011, the Duma transitioning to a functional democracy, telling the New extended presidential terms from four to six years, and York Times that “the best thing about Russia at that Putin announced that he would run for president in the time was the Internet sphere was completely not regu- 2012 election. For many Russians as well as foreign Page 3 of 20
observers, the announcement dashed what hopes re- 2014). Before long, the pair “cobbled together” an en- mained that Russia would complete its democratic tran- crypted messaging system to avoid surveillance by the sition. The legislative elections that December were FSB (Walt, 2016). The fact that the Durovs “rolled their marred by reports of widespread voter fraud, and tens own crypto” rather than building on established proto- of thousands of Russians took to the streets in Moscow cols and consulting expert cryptographers looms large and other cities to protest both the flawed election and in technical critiques of the platform’s security. the increasingly autocratic United Russia party, to which both Putin and president Dmitry Medvedev be- Protests continued for several months, occasionally longed. Opposition leader and blogger Alexei Navalny punctuated by mass arrests and by counter-protests in was particularly active on social media, using VK support of Putin and United Russia. Putin won the May among other platforms to organize protests and to dis- 2012 presidential election, appointing his predecessor seminate information related to his many grievances Medvedev as prime minister (Soldatov & Borogan, against the government. It was starting to look like Rus- 2015). sia may be about to have its own “Color Revolution,” which some dubbed the “Snow Revolution” (Ioffe, In April 2013, Pavel Durov fled Russia for Buffalo, 2011; White & McAllister, 2014). New York, after being charged with allegedly running over a police officer’s foot with a car, and focused his Less than a year after the start of the Arab Spring, the attention on the tool that would eventually become received wisdom at the time was that social media Telegram. The charges were quickly dropped, as they had achieved their objective: running Durov out of the “caused” revolutions, or at the very least made them country. He was still nominally the head of VK and possible in otherwise stable autocracies (see Shirky, owned 12% of the company, but he mostly kept a low 2011). There was little to be done about foreign plat- profile. One exception came in August, when he pub- forms like Facebook and Twitter, at least in the short licly offered Edward Snowden (who had recently land- term, but the Russian security services quickly pres- ed in Moscow after blowing the whistle on U.S. mass sured Vkontakte to shut down Navalny’s page and other surveillance programs) a job at VK. The announcement groups used to plan demonstrations. Instead, the rebel- was made via a VK post, characteristically (Boyette, lious Durov modified the site to give Navalny’s posts 2013). greater visibility, and posted his “official reaction” on Twitter: an image of a hoodie-wearing dog, sticking its The pressure on Vkontakte and on Durov continued, tongue out. He later issued an “open letter” couching with the FSB notably demanding information about his refusal to cooperate in business terms: “If foreign users belonging to VK groups focused on the Euro- sites continue to exist in a free state, and Russian ones maidan protest movement in Ukraine. Durov once again begin to be censored, the RuNet [Russian-language refused, saying: "To give the personal details Internet] can await only its slow death” (Durov, 2011, of Ukrainians to the Russian authorities would not only cited in Yaffa, 2013). The security forces appeared at be against the law, but also a betrayal of all those mil- his door soon after; Durov refused to let them in. lions of people in Ukraine who trusted us. The freedom to disseminate information is an inalienable right of a Durov says that this is the moment that Telegram was postindustrial society" (The Moscow Times, 2014). conceived. "The no. 1 reason for me to support and help launch Telegram was to build a means of communica- Amid these tensions, Telegram launched in August tion that can’t be accessed by the Russian security 2013. Fortuitously for Telegram, its launch was fol- agencies,” he told Tech Crunch (Tsotsias, 2014). With lowed a few months later by the announcement that police threatening to break down his front door, Durov Facebook had acquired WhatsApp, Telegram’s principal called his brother Nikolai. “I realized I don’t have a safe competitor. Concerned about Facebook’s data moneti- means of communications with him,” he told the New zation plans, many users turned to alternative messag- York Times. “That’s how Telegram started” (Hakim, ing applications, resulting in over 8 million Telegram Page 4 of 20
downloads across the iOS and Android platforms in just ny. “I did not want to make the same mistake a few days (Tsotsias, 2014). As we will see, one of of relying on a single jurisdiction,” he says. Telegram’s key value propositions is that unlike many “No matter how good a place looks, you don’t other messaging applications it lacks any financial or know what crazy new regulation they will in- institutional relationships to the U.S. government or to troduce” (Walt, 2016). American technology companies. As of mid-2018, Telegram’s 15-man team — there are Still abroad, Durov submitted a resignation letter in no women — is based in Dubai (Telegram, 2018), March 2014, announced he was stepping down as VK’s though who knows how long that will last. The United CEO on April 1, then claimed it was all an “April Arab Emirates is far from a bastion of free expression Fool’s joke” a few days later. Within a few weeks, the or online privacy, and it seems likely that Telegram will eventually run afoul of local regulations or otherwise company’s board announced that Durov was no longer displease the authorities, particularly if the Emirati the CEO, as the letter withdrawing his previous resigna- population starts using the platform for political pur- tion was “not in accordance with all the rules” (The poses, as Telegram’s large Iranian user base has done. Moscow Times, 2014). The move was widely interpret- ed as Durov losing his stand-off with the Kremlin. Indeed, Telegram is one of the most popular communi- cation services in Iran, with roughly half of the coun- The brothers have been living in exile ever since, ac- try’s population of 80 million using the platform, which quiring citizenships in St. Kitts in exchange for plays a unique role in the country’s communication $250,000 donations apiece to the Caribbean island’s ecosystem: Sugar Industry Diversification Foundation. The pass- ports allow for unlimited visa-free travel across Europe Since 2009, Iranians have become experts in (Walt, 2016). The company is registered as a British avoiding censorship and circumventing gov- LLP, and uses a series of shell companies registered ernment controls. And Telegram, available around the world. This structure is designed to help the outside Iran’s “filternet” and with its high per- company evade government requests for user informa- formance at low internet speeds, has become a tion and for content restrictions (Hakim, 2014) and, uniquely potent and ubiquitous agent of com- more generally, to stay one step ahead of government attempts to regulate or control the company: munication and information dissemination in the cat-and-mouse game between the people Durov originally based Telegram out of a and those trying to control them. It’s easy to small Berlin office, but the staff now works out store and share large files—like videos—on of a series of houses and apartments rented the platform; it works well with Persian’s mostly on Airbnb.com, or out of swank hotels [right-to-left] script; and it offers the ability to like the one in London; in the summer they develop Persian-language bots and stickers might be found in a rented house on a lake in (fun memes and images shared in chats) on top Finland. After a month or two at any one of a simple interface. Unlike Twitter, millions place, they move on. Durov describes his team of Iranians use Telegram in their everyday as “nomads.” He says Telegram is registered in lives—around 40 million monthly users in a several countries including the U.K. country of 45 million overall online users, according to the latest ITU statistics. They Durov explains the peripatetic lifestyle as a often rely on Telegram’s private group chats to way of preventing the company from becom- stay in touch with friends or family; receive ing embroiled in the politics or economic ups their news from local and diaspora Persian and downs of any single country—a lesson he news sources on the platform’s public chan- says he learned from the turmoil in Russia that nels; or subscribe to traffic, weather, shopping upturned his life and lost him his first compa- or entertainment updates from their neighbor- Page 5 of 20
hood (Alimardani, 2018a). dangerous commodity to be feared and controlled, rather than a right and a public good. Contrary to liberal After street protests broke out in a number of cities conceptions of a free press serving as a fourth branch of across the country in December 2017, Iran’s minister governance and fostering a Habermasian public sphere of ICT asked Telegram to censor the channel of inde- (Habermas, 1989), the Soviet regime saw the media as pendent news outlet AmadNews for “encouraging hate- a danger to be tightly controlled, with only select elites ful conduct, use of Molotov cocktails, armed uprising, permitted access to objective news or to foreign publi- and social unrest.” The channel was linked to the Green cations (Gorny, 2007; Soldatov & Borogan, 2015). For Movement, and its stated mission was to “expose the example, ownership and use of photocopiers were tight- corruption of the regime and its clandestine activities.” ly restricted in an attempt to prevent the distribution of Hardliners within the Iranian government had been samizdat, photocopied pamphlets of “subversive” mate- pushing for the channel’s removal for several months, rial (Hanson, 2008). 3 and were gratified when Telegram finally complied on December 30 (Alimardani, 2018a). Nonetheless, The Soviet Union collapsed in 1991, and print and Telegram was blocked (via technical means) in Iran the broadcast media were briefly liberalized during the very next day. The block lasted until January 13 (Ali- Yeltsin era, though many were owned by —and behold- mardani, 2018b). en to — various oligarchs. Nonetheless, the variety of influences over the media ushered in an era of relative Iran has blocked Twitter since the 2009 Green Move- media freedom. Former KGB colonel Vladimir Putin ment protests, with hardliners attacking the American took office in late 1999, and promptly reasserted the platform as a core component of the “cultural NATO” Kremlin’s control over the media under the auspices of that is waging a “Soft War” against Iran (see Alimar- “liberating” the press from the oligarchs. For many dani & Milan, 2017; Price, 2015). Unlike Psiphon, Russia experts, understanding Putin is key to under- Twitter, and many other online communication tools, standing Russia today. Putin served in the Soviet intel- Telegram lacks financial or ideological ties to the Unit- ligence agency, the KGB, for 16 years, rising to the ed States and its foreign policy apparatus, and had been rank of colonel, and he spent much of the pivotal pere- tolerated in Iran until the recent ban. Clearly, hardliners stroika years outside of Russia. His views on gover- within the Iranian government now feel threatened by nance, the rule of law, the role of information in society, Telegram as well. and the Russian national interest are very much influ- enced by the KGB’s authoritarian traditions, themselves 3. Analysis grounded in the authoritarianism of imperial Russia (Soldatov & Borogan, 2015). 3.1. Telegram’s Russian origins The end of the Cold War and collapse of the USSR, As seen in the previous section, Telegram is the product which also marked the end of Russia’s superpower sta- of founders Pavel and Nikolai Durov’s contentious rela- tus, was a sore spot for the Russian elite, who perceived tionship with the Russian state. This relationship is it- the U.S.’s success in exporting its cultural products as a self shaped by Russia’s unique approach to information threat to national sovereignty. Elites also resented grow- and communication policy, which long predates the ing U.S. influence in Eastern Europe and Central Asia, Russian Federation itself. The recent history of Russian which they saw as Moscow’s rightful sphere of influ- information and communication policy is thus impor- ence, as well as the European Union’s eastward expan- tant context for understanding Telegram (see Maréchal sion into the former Eastern Bloc. Over the course of 2017 for a more detailed discussion of that history). his first presidency (2000–2008), during which time domestic internet access grew considerably, Putin came The Russian approach to information policy is rooted in to see the information revolution as “one of the most the country’s imperial and Soviet past (Maréchal, pervasive components of U.S. expansionism in the 2017). Under the USSR, information was considered a post-Soviet sphere, most notably in Russia itself” (No- 3 See Peters, 2016 on the history of computing and cybernetics in the Soviet Union Page 6 of 20
cetti, 2015, p. 129). Where others might have seen op- have further fueled concerns that the internet represents portunities for innovation and growth, Putin saw threats a threat to the status quo and that it poses a threat to to the status quo and his hold on power, thus following Russian political leaders (Howard & Hussain, 2013; in the footsteps of his Soviet and pre-bolshevik prede- Nocetti, 2015). Indeed, opposition groups led by Alexei cessors alike. However, Russia’s political classes did Navalny used Facebook to coordinate street protests in not understand the internet well enough to regulate it, the aftermath of the 2011 legislative elections, and and the RuNet flourished outside of government control while the protests failed to coalesce into a lasting social for the first decade of the Putin era. movement, such an outcome was not completely out- side the realm of possibility (Soldatov & Borogan, Putin switched posts with his prime minister, Dmitry 2015; White & McAllister, 2014). Moreover, there is Medvedev, in 2008 to circumvent constitutional term good reason to believe that Putin sees the U.S., and limits. A series of “color revolutions” and the Arab specifically then-Secretary of State Hillary Clinton, as Spring solidified Putin’s understanding of the internet directly responsible for fomenting these protests. Under as a threat to political order and national sovereignty. this paradigm, such interference in Russia’s domestic He notably saw the mass protests of 2011-2012 as a politics constitutes a violation of national sovereignty component of American “information aggression” or- tantamount to information warfare. Likewise, U.S. poli- chestrated from Washington, specifically by then-Secre- cy initiatives like democracy promotion and the Internet tary of State Hillary Clinton (Nocetti, 2015). Freedom agenda are seen as promoting political projects that are aligned with U.S. interests, almost in- Russian internet policy—in both the domestic and for- variably at the expense of Russia’s own interests (No- eign policy spheres—is rooted in the premise that cetti, 2015). Western countries (mainly the U.S.) use the internet to overthrow governments in “countries where the opposi- Putin won the 2012 presidential election in spite of the tion is too weak to mobilize protests” (Nocetti, 2015, p. protests, and intensified his efforts to control the inter- 114)— or, in other words, countries living under au- net. It soon became clear that the traditional mecha- thoritarian regimes. Russian foreign policy hews to a nisms for information control — censorship and intimi- strict interpretation of Westphalian nation-state sover- dation of key individuals, resulting in chilling effects — eignty, at the core of which is the principle of non-in- were inadequate in the social media era (Maréchal, tervention. The free and open internet threatens that 2017; Ognyanova, 2015; Soldatov & Borogan, 2015). principle, allowing foreign and potentially subversive Intimidation and financial pressure had successfully viewpoints to circulate across Russia. The “color revo- wrestled control of Vkontakte from libertarian Pavel lutions” of the early 21st century and the Arab Spring Durov and replaced him with management that was Page 7 of 20
more willing to cooperate with the FSB’s demands, but But Facebook and Twitter don’t store their foreign platforms like Twitter and Facebook remained user data in Russia, keeping it out of SORM’s outside the security services’ reach. reach (Soldatov and Borogan, 2013, para. 20). The 2012 reform of the SORM4 surveillance system, This desire to gain access to Russian users’ online ac- first launched in 1995 to monitor telephone and internet tivities was the key motivation for data localization communications, brought social networking sites under laws promulgated in the aftermath of the Snowden rev- the mass surveillance system’s purview, which already elations. While the laws’ proponents claimed to be mo- required internet service providers to deploy Deep tivated by a desire to protect Russians’ personal data Packet Inspection (DPI) technology5 to monitor all from the U.S. National Security Agency (NSA), these communications originating or terminating in Russia requirements do nothing to impede NSA spying while (Soldatov & Borogan, 2015). As Soldatov and Borogan facilitating the SORM system’s access (Maréchal, note, the tools used to monitor social networking sites 2017; Sargsyan, 2016). Russian media regulator at the time had a crucial flaw: Roskomnadzor began enforcing data localization re- quirements for foreign companies in 2017, and foreign These systems were developed for searching companies face with the possibility of being blocked in structured computer files, or databases, and Russia if they don’t comply. LinkedIn (owned by Mi- only afterwards adapted, some more success- crosoft) became the first foreign site to be banned for fully than others, for semantic analysis of the failing to comply with the data localization requirement Internet. Most of these systems were designed in October 2016 (Rothrock, 2016). to work with open sources and are incapable of monitoring closed accounts such as Facebook. In 2016, Russia passed a draconian legislative package, known as the Yarovaya Laws after one of its sponsors, The FSB discovered early on that the only way that further restricts privacy and freedom of expression to deal with the problem was to turn to SORM. both offline and online. Among other things, the laws The licenses require businesses that rent out require “information dissemination services” to register site space on servers to give the security ser- with the state media regulator, to store all message con- vices access to these servers via SORM, with- tent for six months and metadata for three years, and to out informing the site owners. With this provi- preemptively make decryption keys available to the sion, the FSB has had few problems monitor- authorities (International Center for Not-for-Profit Law, ing closed groups and accounts on Russian social networks Vkontakte and Odnoklassniki. 4 System of Operational-Investigatory Measures 5 As Laura DeNardis puts it, “DPI is a transformational technology that creates unprecedented regulatory possibili- ties for controlling the flow of content online” (2014, p. 206). Demonstrating why this is the case requires a basic understanding of the technology itself. Information (whether it’s text, voice, or something else) is transmitted over the internet as packets, small bundles of data that are individually routed from the sender to the receiver, then put back together in the correct order. Packets consist of both payload (the actual content of the communication) and a header, which contains the packet’s metadata: its origin, destination, and not much else. The header is analogous to an envelope, telling each piece of equipment along the way where the payload should be delivered. Until fairly re- cently, computing power limited the types of analyses that routers, switches and other network hardware could per- form on passing traffic, but advances in this domain have made it possible for hardware to simultaneously process millions of packets, reading not just the headers but the payload as well. Unless the packet is encrypted, the only impediment to stopping a DPI-capable machine from reading the payload are social and legal norms against this type of surveillance—which are absent in Russia. From there it is possible to block or throttle back traffic based on its origin, destination, file type (text, voice, multimedia), protocol (P2P, FTP, HTML, SMTP) or the content of the message itself (DeNardis, 2014). Page 8 of 20
2016).6 Telegram complied with the registration re- Cyber-libertarianism is “the belief that individuals— quirement, but refused to share decryption keys, for acting in whatever capacity they choose (as citizens, which it was fined 800,000 rubles (roughly $14,000 consumers, companies, or collectives)—should be at USD). The company lost its appeal in March 2018, and liberty to pursue their own tastes and interests online,” on April 6 the media regulator filed suit against with the goal “to minimize the scope of state coercion Telegram in an effort to ban the platform in Russia in solving social and economic problems and looks (Krishna 2017a, 2017b, 2018a, 2018b). On April 13, instead to voluntary solutions and mutual consent-based after an 18 minute hearing, the court ordered Russian arrangements” (Thierer & Szoka, 2009, para. 1-2). ISPs to start blocking Telegram, though the RuNet was David Golumbia, an outspoken critic of cyber-libertari- abuzz with instructions for circumventing the ban with- anism, summarizes the ideology as “computerization in hours (Stubbs & Ostroukh, 2018). will set you free,” and identifies a number of corollaries to this central tenet, including: “a resistance to criticism This court battle is but one example of how internet of the incorporation of computer technology into any technologies challenge traditional conceptions of sover- sphere of human life; a pursuit of solutions to perceived eignty: countries can block services or content, but en- problems that takes technical methods to be prior to forcing these blocks is technically complex and very analytic determination of the problems themselves; a expensive. The case also illustrates two important privileging of quantificational methods over and above, things about the company and its co-founders. The and sometimes to the exclusion of, qualitative ones; the Durovs’ lawyers advanced two lines of argumentation: use of special standards for evaluating computational first, that the requirement to share decryption keys was practices that differ from those used in evaluating non- unconstitutional, and second, that Telegram was unable computational ones; and an overarching focus on the to comply with the requirement because it did not itself power of the individual and individual freedom, even possess the decryption keys: the end-to-end encrypted when that individual is understood to be embedded in a Secret Chats (which users must actively select, in con- variety of networks” (2013, p. 1). trast to other messaging apps which encrypted all com- munication by default) use keys that Telegram cannot As we saw in the Project History section of this case access, and the keys used to secure “normal” chats and study, Telegram originated as a way for the Durov public channels while in transit are stored in a dis- brothers to communicate securely while they (and tributed fashion across multiple legal jurisdictions Vkontakte) were engaged in a high-stakes standoff with (Telegram, n.d.). As we will see in the next section, Russian authorities in late 2011. The platform launched these are deliberate design choices that reflect Pavel in mid-2013, and became the Durovs’ sole focus within Durov’s libertarian political ideology. a year, as Pavel was ousted from VK the following spring. 3.2. Telegram’s ideology Media portrayals of Pavel Durov have described his This section delves further into Telegram’s ideological political leanings as “the sort of techno-utopian, liber- underpinnings to draw connections between this ideol- tarian ideas popular in Silicon Valley” (Yaffa, 2013). ogy and Telegram’s design choices, policy decisions, Indeed, the White Paper issued in advance of the and how people use the platform to political ends. I Telegram ICO is clear about Telegram’s ideological argue that Telegram is a cyber-libertarian project in the underpinnings: “Telegram was founded in 2013 by lib- cypherpunk tradition that is untempered by regulation, ertarians to preserve freedom through corporate governance, or accountability to any higher encryption” (Telegram, 2018, p. 5). The idea of “free- authority than Pavel Durov himself. This appears to be dom through encryption” is, of course, the basic tenet an intentional feature, not a bug, albeit one that should of the cypherpunk ideology. Grounded in the writings give users pause. of David Chaum (1985), Tim May (1995), J. P. Barlow (1996), and Eric Hughes (1997), among others, the 6 The requirement to store message content came into effect on July 1, 2018. Other requirements were already in force. Page 9 of 20
cypherpunk movement is materially and discursively eties by technological platforms like their own creations sustained through the Cypherpunk Mailing List and (incidentally, placing vast amounts of wealth and power technologically embodied in computer programs like into their own hands). But the two men are the products Pretty Good Privacy, anonymous remailers, and cryp- of very different circumstances, and their careers — as tocurrencies. The cypherpunks envisioned a world well as the platforms they each spawned — would be where computer code — specifically encryption — shaped by dramatically different social, political, and would help end the nation-state’s dominion over indi- economic contexts. While Pavel Durov chiefly turns to vidual lives and bring about a libertarian utopia predi- his brother Nikolai for advice, Zuckerberg has long cated on individual autonomy and free association been surrounded by venture capitalists, lawyers, busi- (Levy, 2001; West, 2018). ness school graduates, and other products of late Amer- ican capitalism who molded Facebook into the (largely) Pavel Durov has long been vocal in his rejection of the law-abiding surveillance capitalism behemoth it is to- nation-state as a legitimate source of authority. He says day (see Vaidhyanathan, 2018). that he considers himself “a legal citizen of the world,” and has take a number of steps to sidestep national reg- In contrast, Durov has sought to keep his companies out ulation, including his purchase of citizenship in St. Kitts of reach of both the law and the market. Under his lead- and Nevis. At the same time, he seems to have some ership, Vkontakte resisted enforcing copyright laws, degree of national pride: "My dream is to break the and for a time hosted over half of the copyrighted audio national inferiority complex, proving that products from and video content on the RuNet. He only agreed to re- Russia can be massively claimed all over the move copyrighted content — upon request from the world" (Kononov & Igumenov, 2011). rights holder — after pressure from VK’s shareholders, who were concerned that enabling copyright violations In 2012, Durov “published a manifesto in the magazine at scale would stand in the way of an IPO on Western Afisha that called on Russia to “rid society of the bur- stock exchanges (Kononov & Igumenov, 2011). As for den of obsolete laws, licenses, and restrictions … the Telegram, both the company’s legal structure and its best legislative initiative is absence.” (Durov, 2012, technical architecture deliberately span multiple juris- cited in Yaffa, 2013). Durov’s biographer Nikolai dictions as a way to avoid being subjected to any one Kononov describes the VK founder’s impression of government’s authority (or so Telegram’s public docu- Mark Zuckerberg, after the two met in San Francisco: mentation claims). Durov asked Zuckerberg: "What do you think Durov rejects not only the nation-state, but also sur- about Twitter?" Zuckerberg did not discuss veillance capitalism, the business model based on tar- Twitter and started talking about social net- geted advertising that sustains companies like Google, works. The libertarian Durov felt in him a rev- Facebook, and a growing cross-section of firms in other sectors (Zuboff, 2015). This is an important contrast to olutionary brother. "We had more in common Mark Zuckerberg, who infamously declared that “pri- than [I did] with the business characters [with- vacy is dead” and has vociferously (and incorrectly) in Facebook],” he said after. "Mark is an anar- denied any causal relationship between his company’s chist, but not in terms of denying power and business model and the current misinformation crisis order, but in terms of understanding the out- (Vaidhyanathan, 2018). He resisted an advertising- dated nature of the state." The architects based business model for VK as long as possible, final- agreed that social networks are a superstruc- ly relenting in 2008 (Kononov & Igumenov, 2011), and ture over humanity, allowing information to Telegram pledges never to seek advertising revenue, spread past the centralizing horns of the state charge user fees, or sell traditional shares in the compa- (Kononov, 2013, cited in Forbes Staff, 2012). ny (Telegram, n.d.). Telegram presents this choice in a positive light, arguing that users should trust the plat- Durov and Zuckerberg both seem to view the nation- form because Durov is accountable only to his own state as an obsolete legacy of a bygone era, soon to be ideals, rather than to shareholders’ hunger for dividends replaced as the main organizing logic for human soci- or advertisers’ voracious appetite for user data. While Page 10 of 20
this implicit critique of capitalism resonates with many (Telegram, n.d.). audiences, Telegram’s value proposition requires com- plete faith in the Brothers Durov, their good intentions, While Telegram is right to point out that Silicon Valley and their technical capacity to deliver on their promises. corporations rhetorically redefine privacy as being about other users as a way to avoid discussing their The online FAQ defines privacy in opposition to the surveillance-based business model, the company fails to Silicon Valley business model, offering an ironclad prove that it lives up to its own commitments. commitment to privacy, albeit one for which it provides scant evidence, much less an accountability mecha- For now, Telegram is not completely free from national nism: regulation, though it has taken a number of steps to distance itself from governmental attempts to assert Q: What are your thoughts on internet pri- power. Though it claims to operate as a non-profit, vacy? Telegram is structured as a for-profit British LLP that is itself owned by a complex series of shell companies Big internet companies like Facebook or registered in various tax havens. Its decentralized tech- Google have effectively hijacked the privacy nical architecture is likewise designed to store user data discourse in the recent years. Their marketers and encryption keys across several jurisdictions,7 thus managed to convince the public that the most thwarting government requests for user information: important things about privacy are superficial tools that allow hiding your public posts or Q: Do you process data requests? your profile pictures from the people around you. Adding these superficial tools enables Secret chats use end-to-end encryption, thanks companies to calm down the public and to which we don't have any data to disclose. change nothing in how they are turning over private data to marketers and other third par- To protect the data that is not covered by end- ties. to-end encryption, Telegram uses a distributed infrastructure. Cloud chat data is stored in At Telegram we think that the two most impor- multiple data centers around the globe that are tant components of Internet privacy should be controlled by different legal entities spread instead: across different jurisdictions. The relevant decryption keys are split into parts and are 1. Protecting your private conversations never kept in the same place as the data they from snooping third parties, such as offi- protect. As a result, several court orders from cials, employers, etc. different jurisdictions are required to force us to give up any data. 2. Protecting your personal data from third parties, such as marketers, advertisers, etc. Thanks to this structure, we can ensure that no single government or block of like-minded This is what everybody should care about, and countries can intrude on people's privacy and these are some of our top priorities. Telegram's freedom of expression. Telegram can be forced aim is to create a truly free messenger, without to give up data only if an issue is grave and the usual caveats. This means that instead of universal enough to pass the scrutiny of sever- diverting public attention with low-impact al different legal systems around the world. settings, we can afford to focus on the real privacy issues that exist in the modern world 7 This architecture emulates earlier projects like MojoNation and BitTorrent — see Beyer & McKelvey, 2015. Page 11 of 20
To this day, we have disclosed 0 bytes of user ing a parasitic social paradise for North data to third parties, including governments African immigrants (Quénelle, 2016). (Telegram, n.d.). Similarly, the company rejects any responsibility to Telegram thus rejects all government oversight, even moderate user content, with the exception of narrowly when constrained by the rule of law and judicial review. defined “public content” and content related to terror- This position goes well beyond the demands of most ism, notably ISIS. Telegram deleted 78 different ISIS- digital rights campaigners, who argue that intermedi- related channels shortly after the November 2015 Paris aries should only turn over user information pursuant to attack, and continues to monitor such content closely a court order or equivalent legal process, and that com- and periodically shuts down channels related to terror- panies should publish figures on requests for user data ism. It seems to do so proactively, however, rather than and on their own compliance with such requests, thus in response to government requests, despite not having holding both companies and governments accountable a Terms of Service Agreement of community standards to a web of civil society organizations (MacKinnon, codifying user content. This paragraph from the Maréchal & Kumar, 2016). Telegram website’s FAQ page is all the platform com- municates to users about content removals: Public channels can be accessed by anyone with a Telegram account, so the concern here relates to private Q: Wait! 0_o Do you process take-down conversations between users. Telegram supports end-to- requests from third parties? end encryption in its Secret Chats, but this isn’t enabled by default, a choice for which Telegram is criticized by Our mission is to provide a secure means of many privacy advocates. One privacy and encryption communication that works everywhere on the expert I interviewed told me that he believes this is a planet. To do this in the places where it is most political choice designed to placate governments con- needed (and to continue distributing Telegram cerned about terrorists and criminals using the platform through the App Store and Google Play), we to coordinate their activities.8 Indeed, Telegram has have to process legitimate requests to take been widely criticized for supposedly being the “terror- down illegal public content (e.g., sticker sets, ists’ app of choice,” following disputed media reports that Telegram had been used to plan attacks in Paris, bots, and channels) within the app. For exam- Nice, London, and elsewhere. Telegram stresses that it ple, we can take down sticker sets that violate has never turned over user information (including chat intellectual property rights or porn bots. logs) to any government, but enabling end-to-end en- cryption by default would further protect users’ com- User-uploaded stickers sets, channels, and bots munications content from state surveillance. Pavel by third-party developers are not part of the Durov disputed the notion that Telegram bore any re- core Telegram UI. Whenever we receive a sponsibility for the attacks in a virulently xenophobic complaint at abuse@telegram.org or statement imbued with a classically libertarian rejection dmca@telegram.org regarding the legality of of taxation: public content, we perform the necessary legal checks and take it down when deemed appro- The French government is as responsible as priate. the Islamic State for this because it is their policies and carelessness that eventually led to Please note that this does not apply to local the tragedy. They take money away from restrictions on freedom of speech. For exam- hardworking people of France with outra- ple, if criticizing the government is illegal in geously high taxes and spend them on waging some country, Telegram won‘t be a part of useless wars in the Middle East and on creat- such politically motivated censorship. This 8 Phone interview, March 31, 2018. Page 12 of 20
goes against our founders’ principles. While Soviet era: we do block terrorist (e.g. ISIS-related) bots and channels, we will not block anybody who Imagine if the KGB funded a special crypto peacefully expresses alternative opinions fax line and told Aleksandr Solzhenitsyn and (Telegram, n.d.). dissident samizdat writers to use it, promising that it was totally shielded from KGB opera- Unlike other platforms like Facebook, Twitter, and even tives. Then imagine that Solzhenitsyn would Vkontakte, Telegram does not provide any further de- not only believe the KGB, but would tell all tails about the types of content (beyond copyrighted his dissident buddies to use it: “It’s totally materials subject to the Digital Millennium Copyright safe.” The KGB’s efforts would be mercilessly Act, or DMCA) it might remove nor the process for ridiculed in the capitalist West, while Solzhen- evaluating such requests. Nor does it publish so-called itsyn would be branded a collaborator at worst, “transparency reports,” which list the number of gov- or a stooge at best (Levine, 2017). ernment requests for content removal that a platform has received, complied with, or both. This practice was Durov agreed with the assessment: “I don’t think it’s a pioneered by Google in 2010, and has since become coincidence that we both understand how naïve this standard practice in the technology sector, though civil society continues to push companies for more trans- kind of thinking is, and that we were both born in the parency about how their policies and practice impact Soviet Union” (Levine, 2017). users’ rights to privacy and freedom of expression. Telegram’s opacity in this regard is one of the critiques The problem with Levine’s analogy is that it assumes leveled against the company by digital rights advocates. that governance works the same way in 21st century America as it did in the Soviet Union. It is impossible As my co-authors and I have argued elsewhere (MacK- to prove a negative, of course, and I can’t categorically innon, Maréchal & Kumar, 2016), this transparency rule out the NSA making a pact with Moxie Marlin- serves to create mechanisms by which companies, gov- spike to “backdoor” the Signal Protocol, for example, ernments, and civil society groups hold one another but it seems highly unlikely, especially since Signal’s accountable for meeting their respective commitments codebase is entirely open-source and is regularly scruti- to respect and protect human rights in the digital age, nized by the world’s top cryptographers. 9 Durov’s (and thus bridging a critical governance gap in global soci- Levine’s) apparent belief that the U.S. government is a ety. Telegram simultaneously rejects such a compact even as it falls short of the open source standards that unitary actor whose actions are internally consistent and form the cornerstone of the cypherpunk ideal. Pavel coordinated at a high level is consistent with an idio- Durov would have Telegram’s users trust Telegram syncratically Russian understanding of politics rooted without subjecting the company’s code or business op- in the country’s Soviet heritage. As Andrei Soldatov erations to any outside scrutiny. and Irina Borogan write in The Red Web, Finally, Pavel Durov’s paradigmatic view of the world [The KGB] were trained to think that every seems to combine cyber-libertarianism with an idio- person was only driven by baser, inferior mo- syncratically Russian understanding of politics. In an tives. When confronting Soviet dissidents, they interview with Yasha Levine, an outspoken critic of the looked for money, dirty family secrets, or Internet Freedom agenda and the digital rights move- madness, as they couldn’t accept for a second ment, Durov said that “he could not understand how that someone could challenge the political people could trust a supposedly anti-government system simply because they believe in their weapon that was being funded by the very same U.S. government it was supposed to protect its users cause. from” (Levine, 2017). Levine drew an analogy to the 9 Field notes, 2015-2018. Page 13 of 20
Putin is a product of this thinking. He doesn’t design your own aircraft engine. The answer, believe in mankind, nor does he believe in a in both cases, is that well-studied and secure benign society — the concept that people options exist. Crypto is hard and I would could voluntarily come together to do some- rather rely on encryption schemes that have thing for the common good. Those who tried been studied and debated than schemes that to do something not directed by the govern- are either secret or have yet to receive much, if ment were either spies — paid agents of for- any, attention (Cox, 2015). eign hostile forces — or corrupt — i.e. paid agents of corporations (Soldatov & Borogan, Additionally, Telegram has failed to provide the neces- sary documentation for independent cryptographic 2017, p. 336). evaluations. The code for the application itself (i.e. the app that users install on their ow machines) is open This seems to be the lens through which Durov and source, but the documentation is reportedly incomplete Levine view the relationship between the Internet Free- (see Couprie, 2013). Moreover, code for the server-side dom agenda and the digital rights movement: it is near- software is not available, with Telegram’s FAQ merely ly unthinkable to them that civil society actors would stating that “all code will be released develop digital rights tools without being directed to do eventually” (Telegram, n.d.). Evaluations of the por- so. According to this logic, the financial relationship tions of Telegram’s code that are publicly available between these actors and government institutions im- have uncovered a number of serious flaws, notably plementing the Internet Freedom agenda proves this leaving the platform’s users vulnerable to man-in-the- causal link. (Though out of scope for this conference middle (MITM) attacks (Jakobsen, 2015). Until Telegram makes all its code available to outside review, paper, the relationship between the U.S.-led Internet security-conscious users would do well to exercise cau- Freedom agenda and the grassroots transnational social tion. movement for digital rights is a central concern of the larger study from which the present paper is excerpted.) 3.4. Telegram’s libertarian business model 3.3. Crypto controversies Durov’s commitment to keeping Telegram free to use, While media coverage of Telegram makes much of its aversion to lose control of the company to outside in- encrypted Secret Chats, linking the affordance to terror- vestors (as he did with VK) rule out the revenue ism, criminality, and the like, cryptography experts streams that sustain many tech start-ups. Moreover, his have cast doubts on the robustness of the Durovs’ hostility to state sovereignty in general and to U.S. for- MProto encryption protocol, dubbed MProto. Though a eign policy specifically preclude the types of grants and technical evaluation of the protocol’s shortcomings products that sustain the other projects analyzed in my would fall beyond the scope of this paper (and of the larger study (Psiphon, Tor, and Signal), leaving very author’s expertise), it is important to underscore that few avenues for revenue generation. This context ex- Telegram’s claims to unbreakable encryption have plains Telegram’s embrace of the cryptocurrency craze. come under serious attack from respected experts. The 2018 Initial Coin Offering (ICO) promised not only a much-needed influx of no-strings-attached cash, but The core of the critique of MProto is that rather than also a cypherpunk, cyber-libertarian future where building on established encryption protocols and col- Telegram controls its own technical infrastructure, laborating with experienced experts, the Durovs “rolled keeps nation-states at arms’ length, and even issues its their own crypto,” thus breaking the “cardinal rule of own currency. Given Pavel Durov’s professed libertari- cryptography” (Clary, 2016; Cox, 2015). As Runa anism, it is perhaps unsurprising that Telegram is turn- Sandvik, Director of Information Security at the New York Times and former Tor developer, told Mother- ing to cryptocurrency to secure its financial future. In- board, deed, as early as 2012, Durov called the idea of national currency “anachronistic” (Durov, 2012, cited in Yaffa, 2013). Asking why you should not roll your own crypto is a bit like asking why you should not For the nearly five years of its existence, Telegram Page 14 of 20
You can also read