On Thursday, messaging app Telegram updated its FAQ page to clarify its policies on the moderation of objectionable content, following the arrest of its founder Pavel Durov last month in Paris for not preventing illegal activity on the app. 

Telegram, beloved in the crypto community, told Unchained that its policies and technology remain the same and that the “FAQ change only made it clearer how to report content on Telegram, including via [the Digital Services Act],” the EU’s regulations passed in 2022 detailing the obligations digital services have to their users. 

But Durov said in a Telegram post to his followers on Friday that changes are coming to how the site moderates content, without supplying details. “While 99.999% of Telegram users have nothing to do with crime, the 0.001% involved in illicit activities create a bad image for the entire platform, putting the interests of our almost billion users at risk,” wrote Durov. “That’s why this year we are committed to turn moderation on Telegram from an area of criticism into one of praise.”

The platform’s FAQ page now explicitly states how users should report “illegal content” on the platform. Little is known, however, about how the platform plans to act on content that’s been flagged, said Eva Galperin, the Electronic Frontier Foundation’s Director of Cybersecurity. “Only Telegram can answer this question,” she said. Telegram declined to explain to Unchained what happens after illegal content is flagged. 

Even apart from any coming changes to Telegram’s content moderation practices, there are several important steps crypto users should take if they are depending on the platform for secure communication.   

Message Security

Galperin, who wrote a harm reduction guide in 2022 for Ukrainian and Russian users of Telegram, told Unchained that much of the security crypto users think they have on Telegram has been based on “confusion.” In reality, only private messages where “Secret Chat” mode is turned on are end-to-end encrypted, and this is not the default network setting. If messages are not end-to-end encrypted, this means that Telegram can access their contents. The fact that end-to-end encryption is not the default on private messages stands in contrast to the settings on rival messaging platforms Signal and Facebook Messenger. 

The best way to protect chats from content moderation on Telegram is to make sure this setting is enabled in private chats, she said. For its part, Telegram told Unchained that encrypted Secret Chats are “guaranteed to have no backdoors” and that this is verifiable by looking at the app’s open source code. 

Read more: Trump’s New DeFi Project Could Be a Magnet for Hackers

However, many cybersecurity experts such as Johns Hopkins University cryptographer Matthew Green have questioned the strength of Telegram’s encryption technology itself, arguing that the platform’s encryption protocol, MTProto 2.0, has not been extensively peer-reviewed and tested like other encryption protocols used by apps such as Signal. 

Galperin said that Telegram users ultimately have to decide how much they trust the company, and even Durov himself, in deciding whether they should use the platform.  

Anon Risk 

Even when private communications are properly encrypted, their contents often appear in depositions when members on either end screenshot content and reveal it to authorities. Sources turned over encrypted messages several times, for example, to American authorities prosecuting individuals involved in the Jan. 6 assault on the US Capitol.

In crypto specifically, anonymous accounts are common and widespread, meaning that users are often messaging others without knowing their true identity. This creates significant risk if the anonymous correspondent turns out to be someone with different loyalties or agendas than expected. “You need to trust the other people you are talking to because every one of them could rat you out,” Galperin said. In addition, particularly sensitive information, such as wallet addresses, should never be shared with anyone you don’t know well. 

Different Laws in Different Countries

Telegram’s FAQ specifically says that users can flag “illegal” content, but laws differ from country to country. What may be protected speech under the First Amendment in the United States, for example, could be considered “hate speech” in Europe. 

In particular, laws pertaining to cryptocurrency vary widely by country. For example, it’s illegal to use bitcoin in Saudi Arabia, while it is legal to use it in United States. This opens the opportunity for users in Saudi Arabia, for example, to flag communications about bitcoin as “illegal content” in their country, and create problems for users in other jurisdictions if Telegram winds up blocking the content. Galperin therefore recommended that Telegram users make sure that what they’re doing is not illegal in the country that they’re located in.

Ultimately, Galperin said that users who are concerned about the privacy of their communications shouldn’t use Telegram at all. Personally, she recommends Signal, as a tool with peer-reviewed encryption technology verified by trusted cybersecurity experts.