It's amazing that technology is empowering these protestors, but I'm not sure a vulnerable group of people such as this should be leaving identifying information on these servers.
- You cannot sign up for Telegram without your phone number (even if it isn't public).
- End to End encryption exists but is limited to 1-1 chats.
- Telegram cooperates with data requests from law enforcements.
The kind of risk this puts them in cannot be overstated.
> Telegram cooperates with data requests from law enforcements.
It is not that black and white:
AFAIK and IIRC it is more like this:
- yes: Telegram gives data about members of public groups/channels
- no: Telegram does not give out information from closed groups / personal chats, and they go to great lengths to prevent that information from becoming available. We might be sceptical all we want about the custom crypto, but I've seen no credible source that I can think of that have backs you statement except the limited example I gave above.
Telegram has been sued over and over in many countries for refusing to provide that info, and kept fighting (both legally and technologically - via smart proxy-server rotation, addresses distributed over Apples/Google's push notifications etc.).
Here's the case for Russia - https://en.wikipedia.org/wiki/Blocking_Telegram_in_Russia (eventually the govt has blocked over 20 million (!) IP addresses, including Google's and Cloudflare's, and that disrupted 30% of the Internet in the country, but the app just kept working fine)
Schneier was very vocal after the Snowden documents on how the NSA has multiple methods to get hold of the data. If it's not via judicial means, it's via extra-judicial means. NSA considers Telegram's servers outside US fair game (i.e. hacking them is not a problem). GCHQ considers servers inside the US fair game. The two agencies exchange intel which allows them to bypass constitutional protections. This is old news.
As for Russia, China, Israel etc. The servers are outside their borders, and mostly they don't give a flying fuck even if it was domestically hosted.
You can cloak your phone number & not allow others to reach you via your phone number. Which means that the authorities cannot match your phone number to your Telegram identity, even if you posted in a public chat. This feature was implemented last year during Hong Kong protests to protect against government efforts to identify protestors by enumerating the limited phone number space in HK. There is also a password option to protect against SMS surveillance.
As to whether Telegram itself would cooperate with data requests from your government - that depends on which government it is, and in the end is up to personal judgement. I don't think there's any reason that Telegram would betray me to the Chinese government, for example, while I won't at all trust Facebook for that. Facebook, and Zuckerberg himself (for how long did he stick to that Wuzhen avatar?), tried hard to appease the Chinese government for such a long time.
International megacorp are generally the worst to trust in that respect. To many of us in authoritarian places, the illegality of Telegram is itself an attraction.
- You cannot sign up for Telegram without your phone number (even if it isn't public). - End to End encryption exists but is limited to 1-1 chats. - Telegram cooperates with data requests from law enforcements.
The kind of risk this puts them in cannot be overstated.