Telegram founder Pavel Durov has issued a stark warning about potential privacy vulnerabilities in encrypted messaging apps like Signal, highlighting that deleted messages may not be fully erased from devices. Durov's remarks were prompted by a 404 Media report revealing that the Federal Bureau of Investigation (FBI) successfully retrieved deleted Signal messages from the notification logs stored on an Apple iPhone during a criminal investigation.
Durov explained that push notifications can create a persistent privacy risk, even after users delete their chat history and uninstall the app. "Turning off notification previews won't make you safe if you use those applications, because you never know whether the people you message have done the same," he wrote. This underscores a critical flaw where privacy depends on the security settings of both parties in a conversation, not just one user.
The case has reignited debates about metadata, device storage, and the limits of end-to-end encryption. While the encrypted message content within Signal remains protected, surrounding data—such as notification logs stored by the operating system—can be accessed by investigators and potentially reveal communication details.
This revelation has coincided with a 145% increase in online search interest for decentralized social media platforms over five years, according to data from Exploding Topics cited in the report. The trend is driven by growing concerns over internet censorship and surveillance. For instance, during a social media ban in Nepal in September 2025, over 48,000 users downloaded Bitchat, a Bluetooth mesh messaging app that operates without an internet connection. Similarly, Telegram bans in Iran have driven users toward VPNs rather than state-approved alternatives.
