Telegram Shares Users Data in Copyright Violation Lawsuit (techcrunch.com) 22
Telegram has disclosed names of administrators, their phone numbers and IP addresses of channels accused of copyright infringement in compliance with a court order in India in a remarkable illustration of the data the instant messaging platform stores on its users and can be made to disclose by authorities. From a report: The app operator was forced by a Delhi High Court order to shared the data after a teacher sued the firm for not doing enough to prevent unauthorised distribution of her course material on the platform. Neetu Singh, the plaintiff teacher, said a number of Telegram channels were re-selling her study materials without permission at discounted prices.
An Indian court earlier had ordered Telegram to adhere to the Indian law and disclose details about those operating such channels. Telegram unsuccessfully argued that disclosing user information would violate the privacy policy and the laws of Singapore, where it has located its physical servers for storing users data. In response, the Indian court said the copyright owners couldn't be left "completely remediless against the actual infringers" because Telegram has chosen to locate its servers outside the country. In an order last week, Justice Prathiba Singh said Telegram had complied with the earlier order and shared the data.
An Indian court earlier had ordered Telegram to adhere to the Indian law and disclose details about those operating such channels. Telegram unsuccessfully argued that disclosing user information would violate the privacy policy and the laws of Singapore, where it has located its physical servers for storing users data. In response, the Indian court said the copyright owners couldn't be left "completely remediless against the actual infringers" because Telegram has chosen to locate its servers outside the country. In an order last week, Justice Prathiba Singh said Telegram had complied with the earlier order and shared the data.
Let me be the first to say (Score:3)
Yikes. This [slashdot.org] holds up, but in addition to "Telegram thinks you're a terrorist," we can now add the Indian version of DMCA.
Re:Let me be the first to say (Score:5, Interesting)
Telegram sends the username in the SSL SNI field. (maybe only for verified users...)
So technically it doesn't need to give much more to authorities, its snoopable.
https://mastodon.technology/@r... [mastodon.technology]
Please do not recommend Telegram, its about as private as WhatsApp. Meaning pretty much not.
Re: (Score:1)
What would you recommend instead? Signal? Threema?
Re:Let me be the first to say (Score:5, Insightful)
Carrier Pigeons, although they can be intercepted by Cats and Falcons.
Re:Let me be the first to say (Score:4, Interesting)
Personally I stick to recommending signal. It seems they really have no info about their users.
But I prefer using XMPP (with OMEMO) myself, because choice of client,server,provider is for me more important.
ie: The fact that I can run my own server (having the technical know-how helps a lot) and have multiple clients from different dev groups on various platforms. I dislike vertical trust.
Re: (Score:3)
Re: (Score:3)
Matrix is currently reinventing the wheel. IMO badly. XMPP has grown to a generic Message passing protocol, with inherent support for user2user messages.
Matrix might get there eventually.
> but built on more modern technologies (ie won't get blocked by most firewalls etc.)
Sigh... XMPP doesn't have any problem with firewalls. XMPP over HTTP(S) (aka BOSH) exists since 2004, predates almost all similar technologies (especially websockets). Or just wrap it in TLS on port 443, no firewall blocks that.
XMPP is
Re: (Score:2)
Re: (Score:2)
Well reasoned. I missed option #3 ...
> My understanding is that XMPP is pretty limited from that point of view. Which is part of the reason why Matrix is a thing.
My understanding is that XMPP MAY be built on web technologies, whereas Matrix MUST be built using web technologies. But take this argument far enough, and one could argue XMPP MUST be built using XML...
Web only XMPP clients exist (jsxc). The fact that they exist doesn't mean it was easy to create them, and the amount of hoops jumped through is
Re: (Score:3)
If your communications are that sensitive then I wouldn’t use a cell phone.
Re: (Score:2)
Set up a one time pad and send messages over any medium.
Re: (Score:3)
Care to explain, why you consider both "not private"?
Re: (Score:3)
Telegram: See this story
Whatsapp: It can sync the last N messages to a new client (of the same user). This implies that there is a mechanism by which forward secrecy can be broken. Game over. And the app itself sends quite a lot of data to the mothership.
Re: (Score:3)
Whatsapp: It can sync the last N messages to a new client (of the same user). This implies that there is a mechanism by which forward secrecy can be broken.
WhatsApp can (silently) ask clients to re-encrypt the last few messages for a new client. See this article [eff.org] from 5 years ago. As far as I know that's still how it is.
Re: (Score:3)
This is why if you are are committing what may be an offense in your jurisdiction it is not just enough to use a service that says it protects privacy, but one that actually does not store data. Just because data is necessary and available in the moment does not mean it needs to kept forever. This is the lesson Authur Anderson learned
Re: (Score:2)
Fun part: a lot of Telegram piracy groups don't just store messages on Telegram's servers. They actually use Telegram as a hosting service..
Re: (Score:2)
I don't understand the "yikes". From the start, Telegram's policy was that "if you can get us a channel name and a valid court order to disclose specific users, we will obviously comply".
This is what caused a lot of screeching in the intelligence circles, because to get there, you need to actually infiltrate each group, collect data on what's going on inside and get a court order based on that. You can't just do it Facebook style of "we need to find out what is inside this group" or "we need this whatsapp g
how can this be enforced? (Score:3)
If telegram has its servers out of the country -- what presence do they have in India?
If telegram ignores the court order, what can the court do to telegram, if it has no presence in the country?
Re: (Score:1)
Re: (Score:2)
So force Telegram to open an office just so they can be enforced on?
What an enticing way to woo businesses! *cough*