Telegram is going to take crypto payments, that's a problem
How do we balance privacy and national security?
GM. It’s been a while, I know.
Since my last newsletter much has happened in the Web3 space: FTX collapsed! BTC and ETH are up! NFT sales are up! The SEC is going after everyone!
I also spoke at Quantum Miami on a panel about women in Web3. This was the industry’s biggest get-together since FTX so I was curious to gauge ~the vibes~.
I personally thought that people were upbeat and optimistic, but when I mentioned this to someone, they vehemently disagreed. They said that if people were feeling positive about the state of the industry then the conference would be packed and the luxury vehicles on display outside the convention centre would be Bugattis and not Lamborghinis. Seriously.
Today we’re talking about encryption and national security. Very chill stuff. I’ve got 1280 words for you or a five-minute read.
- Erin, @erin_gee
Towards the end of 2022, the CEO of Telegram, Pavel Durov, said that the decentralized messaging app would be moving ahead with building crypto wallets and a decentralized exchange. The integration of these features into a messaging platform that is already the preferred communication vehicle for crypto enthusiasts will likely prove to be a boon to the company. Telegram is popular with this cohort as it aligns with their personal and political views on autonomy, decentralization, and broader distrust of government and its institutions, including the banking system.
For those who aren’t familiar with the platform, Telegram boasts over 500 million (as of 2021) users and has end-to-end encryption. One of the things that makes it different from other messaging platforms is that you can message people by only having their username, not their phone number (though this is also possible). In addition, similar to Whatsapp, you can participate in group chats, but while Whatsapp caps membership at 250 people, Telegram groups can reach up to 20,000 members.
Since its launch in 2013, Telegram has found itself embroiled in several controversies which have stemmed from the company’s ardently pro-privacy stance. It’s been alleged that the app has been used for terrorism (in 2015 Vox said the app was “ISIS’s app of choice”), sexual exploitation, and crime. The large group feature has also garnered some attention. According to Engadget, “Telegram has acted to remove public channels affiliated with terrorism, but Pavel Durov reiterated that he had no business snooping on private conversations.”
Canada is already working on legislation to protect Canadians against online harms (i.e., hate speech, child sexual exploitation, terrorist content) on social media platforms. However, the government has signaled, throughout their public consultations, that encrypted messaging apps like Telegram, Whatsapp, and Signal could fall outside the Bill’s purview given that their primary use is for private messaging, despite their ability to allow communication to large groups. This issue is at the core of the social media regulation question: to what extent should governments be involved in people’s private messages and to what extent should governments force services like Telegram or WhatsApp to break encryption and monitor messages?
These questions are paramount given that in addition to terrorist groups using Telegram’s end-to-end encryption and pro-privacy stance to advance their agendas, Western nations are seeing similar trends with far-right extremism. Between 2015 and 2020, far-right terrorism increased 320% on Telegram, according to the Institute for Strategic Dialogue. These movements have seen exponential growth over the past several years due to economic and social uncertainty and norms being challenged, with encrypted and pro-privacy platforms, like Telegram, benefitting. People who either directly seek out these communities or stumble across them thanks to algorithms are likely to become increasingly radicalized in their views in a similar way as what happened on Facebook and YouTube as ideas and conversations about violence, white supremacy and anti-semitism, and other criminality become the norm, thus desensitizing people to it.
But what does this all have to do with Telegram creating crypto wallets?
While cryptocurrency transactions occur on a public ledger (the blockchain), it allows total strangers to send money to each other without confirmation of the other person’s identity. Identities are tied to crypto wallets which are assigned a series of letters and numbers as their identifiers. Many of these wallets are encrypted.
Therefore, this means that encrypted wallets will be able to send money to anonymous people anywhere in the world with little to no intervention from the company.
Telegram is already a hotbed for illegal activity. Add on a payment method…
But what can be done to prevent illegal activity on these platforms? Some might advocate for restrictions similar to what is being done on social media platforms. But, like it or not, Durav is right insofar that conversations on the platform are private correspondence. This begs the question, what is the definition of “private conversation”? It could be argued that an audience of 20,000 people shouldn’t be deemed private, but then the question becomes when and how does the private become public? And when does encryption become an issue for national security?
Australia passed legislation in 2018 that forces private companies to share user information and data…even if it’s encrypted. Plus, if a company doesn’t currently have the ability to intercept the encrypted information to provide to law enforcement, they’ll have to develop tools that will enable access to the data of their users. This move effectively renders encryption useless with the unintended consequences widespread.
On its face, laws that enable law enforcement and national security experts the ability to access the communications of would-be terrorists and criminals are, for lack of a better word, good. But, the assumption is that those with the power to access otherwise encrypted private communications will act in good faith, which may not always be the case. Further, the broad, sweeping language doesn’t allow for any nuance, which means international government communications are accessible, as well as private communications of those trying to flee domestic violence, and so on.
This approach centres national security over the privacy of citizens and is obviously not the road Canada should go down.
But, Canada is ill-prepared for this reality. Following the illegal occupation of downtown Ottawa in 2022 where donations were made to the occupiers in crypto, FINTRAC was able to make use of its traditional methods to track down the anonymous wallets that contributed to the convoy, but that was only because Prime Minister Trudeau invoked the Emergencies Act that compelled the crowdfunding platforms and financial institutions to hand over the relevant information. The temporary suspension of civil liberties should not be the only way to protect civilians from terrorist or other illegal activity.
Distrust in our institutions is increasing, with 15 million Canadians thinking that the government’s version of events can’t be trusted. This distrust is going to push people further underground, towards encrypted communications and difficult-to-trace financial transactions; transactions that — as of right now — have no accountability.
It’s inarguable that there is a public good for interventions in preventing criminal activity on Telegram or other platforms known to turn a blind eye to illegal activity, but how do we govern those spaces and should we?
What is being done to prevent terrorist financing and coordination in these spaces? Public Safety Canada launched a national security consultation but is that going to address issues related to encryption or is it going to look at cyber security (i.e., hacking) in isolation without taking a holistic approach?
Whatever approach Canada takes, we need to ensure that it aligns with our democratically accepted norms, which include a reasonable expectation of privacy, while also aligning with like-minded democracies around the world. Ultimately, we don’t want to take an approach to monitor encryption that would align us with authoritarian regimes like Russia or China.
I wrote about Vancouver’s Web3 gaming scene last month.