By Noah Feldman
The arrest in France of Telegram founder and CEO Pavel Durov has brought into sharp focus one of the major conflicts of our age. On one hand, we want privacy in our digital lives, which is why we like the kind of end-to-end encryption Telegram promises. On the other, we want the government to be able to stamp out repugnant online activities — like child pornography or terrorist plotting. The reality is that we can’t have our cake and eat it, too.
In August, Durov was charged with complicity in crimes taking place on the app, including distributing child pornography, drug trafficking and selling hacking software, as well as with refusing to cooperate with French authorities’ investigations. In a public statement, Durov insisted he has aided investigators, that the app moderates content as best it can, and that if “we can’t agree with a country’s regulator on the right balance between privacy and security … we are ready to leave that country.”
The tradeoffs between privacy and safety are real. Recognising that makes hard policy choices inevitable. But we haven’t made those choices yet — not the European Union, where Durov was arrested, nor the US. Until we do, arresting the CEOs is little more than a misguided, symbolic move. Criminal arrest should be reserved for people who have violated clearly established law, not entrepreneurs providing the public with products we aren’t exactly sure we want to allow.
A bit over a decade old, Telegram has almost a billion monthly users worldwide. It seems probably that many of them started using the app for the same reason: privacy that’s supposed to be superior to that offered by other messaging platforms.
Privacy can function as a form of subtle resistance to powerful forces, whether corporate or governmental. Saying you don’t want anyone listening in can be a way of asserting sovereignty over some corner of one’s life. (It’s likely not a coincidence that Durov and his co-founder brother are Russian exiles, members of a culture thoroughly accustomed to pervasive government surveillance.)
Privacy is also an aspect of human dignity. In nearly all cultures on earth, people choose to protect some parts of their bodies or some of their activities from others’ prying eyes. Cultures differ on what should be private, but that variation is secondary to the basic impulse that some aspects of the self aren’t for public consumption.
Such points often get quickly shoved aside when the conversation turns to safety — particularly when a crime is one we have deemed utterly reprehensible.
Online as in real life, the better the surveillance, the greater the safety. Conversely, the more privacy, the more risk of a crime going undetected. The only difference between the physical and digital spheres is that in the former, most societies have developed fairly stable beliefs about the right balance between privacy and safety, beliefs long enshrined in law. Online, we’re still figuring it out — and we want to have it both ways.
The real question about apps like Telegram, then, is pretty simple: Do we want there to be spaces where people can genuinely evade surveillance? Or do we think that the benefits aren’t worth the inevitable costs, which is that some people will take advantage of digital privacy to commit crimes we rightly abhor?
It’s an illusion to imagine that there is some solution that perfectly preserves both privacy and safety. Automated algorithmic surveillance is still surveillance. Relying on governments to seek warrants before breaking privacy, a feature of existing law in liberal democracies, only works if the communications aren’t truly encrypted but can be accessed though a back door. Relying on the platforms to review communication makes private companies into the powerful agents of even-more-powerful governmental forces.
We will eventually reach some sort of consensus about how and when to sacrifice privacy for safety, and vice versa — in the form of new laws, from civil penalties to (when necessary) criminal law.
But in a world where we haven’t yet made up our minds, it’s a cop-out to arrest a CEO like Durov. The arrest might make us feel good because it gives the impression that a government is using all means at its disposal to pursue crime. That feeling is illusory, however — because it masks our own ongoing ambivalence about true digital privacy.
It’s time we confronted the privacy-safety trade-off honestly. Until we have a clearer answer enshrined in law, arresting CEOs isn’t the solution.