Telegram's E2EE isn't available for group chats. It's not on by default for other chats, so most or all of your chats are probably just transport encrypted. Further, they rolled their own crypto (bad), MTProto2, which has a number of problems (but is not necessarily broken)
This places Telegram's security stance below that of even Instagram or Facebook (which also has optional E2EE chats, but uses the Signal protocol, which is considered better than MTProto2.)
I think they don't support cross-device syncing or automatic backups of E2EE chats, so it's about minimising friction by default. Telegrams main focus is UX, unlike Signal which prioritizes security at the expense of UX.
There's nothing in Telegram that couldn't be implemented with security in mind. They just lack the expertise in designing cryptographic protocols that offer those features, and Durov is too proud to consult experts in helping improve the design. Well, now he gets to enjoy French hospitality.
E2EE is optional on Telegram and not really convenient. You can create a private chat which will be E2E encrypted but this takes a few taps and pins to device. Most of the users don't bother. And the main target is not personal chats but channels which can be easily discovered and followed.
This is not an e2e battle, this is the hunt for channel owners. Frankly it is too easy to make a "local chat" and sell stuff. Durov has the data and this is his weakness and strength. Platform is viral but there are too much for one hands.
> French authorities believe that Telegram, under Durov’s leadership, became a major platform for organised crime due to its encrypted messaging services, which allegedly facilitated illegal activities
Nope. It's because of the large telegram group chats for the most part and those aren't E2EE. The only chats that can be E2EE on telegram are one to one DMs and that's only if you manually enable it.
i.e. They refused to turn over chat records that they have server side access to.
It's worth noting that they could do E2EE here for group chats but they don't. Signal does it but telegram wholesale refused to.
I don't why you were downvoted. Because that is exactly what is going on. EU is generally on a open-encryption-by-warrant path and this is a great example of applying some pressuring.
Should we enable the Iranian polotical refugee to communicate in secret with her family ?
Should we by warrant enable the possibility to open up messages when pedofiles sell or buy children for sex ?
Many will disagree with you because your stance does not take an all-or-nothing approach, so good on you for asking these tougher questions. We have the same sort of questions in the US, though a very specific group would love to turn this who country into a police state (they even have their own flag). I am a big privacy advocate, but also recognize that it is ripe for abuse by bad actors, so the solutions are muddy and need some serious beta testing before they can be called solutions. This where people tend to get lost in the debate and start responding with emotions rather than reason, which unfortunately does not progress us a viable solution. I see the same thing happening in the EU, but from afar, so my perception is likely skewed.
What could possibly go wrong!