- After failing to gain access to the encrypted messaging app Telegram, Russia’s Federal Security Service (FSB) has successfully lobbied for it to be blocked on Russian territory.
- FSB pressure on the app has been justified on the basis of countering terrorism but it likely has the wider goal of enhancing state authority in the Russian information space.
- Further aggressive moves against Telegram and other social media firms would depend on internal political stability and relations with the West.
The FSB has demanded access to Telegram encryption keys since the April 2017 terrorist attack on the St. Petersburg metro, alleging that six key suspects linked to the attack used the app to communicate secretly. Telegram – which has a reputation for offering messaging services that cannot be decrypted – is known to be used by militants and has been connected to several major terrorist incidents such as the 2015 Paris attacks and the 2016 Berlin Christmas market attack.
The FSB has so far not disclosed concrete evidence to show Telegram’s links to the St. Petersburg attack. Telegram founder Pavel Durov characterised the FSB request as a demand for backdoor access into the app to circumvent encryption to access users’ communications. Durov has consistently refused to comply with the FSB’s requests, which he argues are a violation of Russian citizens’ constitutional rights. On 20 March, Russia’s Supreme Court ordered Telegram to provide the FSB with encryption keys to read messaging data without a court order, and media regulator Roskomnadzor gave the company 15 days to comply. On 13 April, Moscow’s Taganka District Court ordered the app to be blocked on Russian territory.
Deepening state influence on online media
On the surface, the Russian authorities’ pressure on Telegram reflects similar moves in the US and Europe. The British government has also expressed concern about the use of Telegram as a platform for terrorist communications. But the Russian government has a more stringent approach to media regulation. Its actions against Telegram fit into a broader pattern of legislative proposals which, under the guise of counter-terrorism, are in fact aimed at entrenching state authority online.
In 2016, Russian lawmakers passed counter-terrorism legislation – the so-called Yarovaya law – requiring messaging services to provide the authorities with the ability to decrypt user correspondence. The legislation stipulated that all Russian user data must be stored inside the country. Rights groups criticised the law as an infringement on privacy and argued that it was aimed at suppressing domestic dissent.
The government’s case against Telegram should be viewed in the wider context of information control, although this does not exclude the imperative of countering terrorism. Russian authorities likely have broader objectives beyond combatting terrorism, such as the concern that encrypted apps could be used to foment civil unrest. Protests across Iran in December 2017 and January 2018, in which Telegram was reported to have played an important role, demonstrated the dangers posed to authoritarian regimes by encrypted messaging apps.
Blocking Telegram may not be the end goal of the Russian authorities. Russia’s Minister of Communications and Mass Media, Nikolai Nikiforov, has stated that Telegram’s violations are less serious than those associated with other social media companies. For example, Telegram complied with Roskomnadzor’s demand for it to be included in a register of information dissemination platforms and formally pledged to cooperate on removing terrorism-related materials. But the compliance of other platforms, such as Google, Facebook, Viber and WhatsApp, to the demands of the Russian authorities has been patchier.
By selectively targeting Telegram, the FSB may be seeking to place indirect pressure on other social media and messaging networks to comply with Russian legislation. The move would incur few costs, since Telegram is not financially important to any country and is embroiled in disputes with several states, notably Iran. The FSB may have chosen Telegram precisely because it is a comparatively soft target, whereas a standoff with other platforms could result in wider international scrutiny and potentially embarrassing defeat.
The legal process with Telegram is likely to be drawn out further, as the company could appeal against the court decision of 13 April. While the Russian government is seeking access to Telegram’s encryption keys, the company insists that it is technically impossible for a backdoor to be built into the “secret chats” feature of the app, a claim supported by some independent experts.
Both asymmetric encryption, which uses public and private keys to encrypt and decrypt data, and the Diffie-Hellman algorithm, a method establishing a shared secret between two endpoints, are used to generate a key for secret chats. This means one of the two parts of the key remains on the user device and cannot be intercepted. Therefore, to survey Telegram correspondence would require targeting the devices at each end. Moreover, the encryption keys regularly change, and expired keys are destroyed automatically.
In the meantime, users in Russia will be able to continue using the app, either through a Virtual Private Network (VPN) or features that Telegram has claimed it is currently building into the app in response. In Iran, Telegram has been formally blocked but hundreds of thousands of people are reportedly still using it. The Russian government has so far appeared unwilling to move beyond the selective enforcement of broad “counter-terrorism” laws. As a result, the authorities have not placed such severe restrictions on information as exist in China, where Facebook, WhatsApp, Snapchat, Telegram, Instagram, YouTube and the Google search engine are all blocked.
If anti-government activists such as Alexei Navalny become able to mobilise very significant protests using social media, the government will likely move more aggressively against social media firms. But whether or not Russia continues with its somewhat selective and uneven approach or decides to crack down more robustly on social media activity would depend mainly on international relations, particularly with the US. Further deterioration in relations with the West could bolster a prevailing siege mentality in Russia and encourage the Kremlin to tighten control over information.
PGI Intelligence is a risk management consultancy specialising in geopolitical intelligence and corporate investigations, cyber security, and capacity training.
For more information or to sign up for free access to the PGI’s geopolitical risk notification platform, the Risk Portal, please visit https://riskportal.pgitl.com
Your free global geopolitical
PGI’s Risk Portal tool provides daily intelligence feeds, country threat assessments and analytical insights, enabling clients to track, understand and navigate geopolitical threats.
The Risk Portal gives users up-to-date information and analysis on global affairs.
The Risk Portal allows users to visualise information in a unique and instantly understandable way. Mapping filters enable the visualisation of incidents by threat category, time period, perpetrator and target type.
Risk Portal users can upgrade their accounts to include the Report Builder and Country Profile Generator features. The Report Builder allows users to select information, data and images from the Risk Portal and create bespoke reports and emails.
Subscribers to PGI’s Bespoke services receive tailored analysis on specific sectors and geographies of interest, delivered at a frequency they determine.
Subscribe to our Cyber Bytes Newsletter
Keep yourself in the loop with PGI by signing up to our Monthly Cyber Bytes email. You will receive updates, tips and narrative around what has been happening in the world of information security.