Durov warns messaging push notifications pose a privacy risk

Pavel Durov, the co‑founder of Telegram, sparked a privacy-focused conversation around the fragility of end-to-end encryption when push notification data can linger on devices. He cited a report that pointed to how investigators could access deleted messages by inspecting device notification logs, a reminder that metadata and notification activity can outlive the apps themselves.

According to a report originally published by 404 Media, the United States Federal Bureau of Investigation (FBI) allegedly retrieved deleted messages from a Signal user by accessing the iPhone’s notification database. Durov commented on Friday that simply turning off notification previews does not guarantee safety, because the recipients’ devices may still carry data traces or have different privacy settings. His remarks were shared with his followers, reinforcing a common concern among privacy advocates that encryption alone cannot shield users from metadata exposure.

“Turning off notification previews won’t make you safe if you use those applications, because you never know whether the people you message have done the same.”

Cointelegraph reached out to Signal for comment on the FBI data-retrieval claim, but did not receive a response by publication time. The discussion underscores a broader tension in digital privacy: even with strong encryption, information generated by messaging apps—such as metadata, contact graphs, and notification history—can be exploited by skilled investigators or sophisticated surveillance tools.

The unfolding narrative has fueled calls for alternatives that minimize data collection. Analysts and privacy advocates have argued that decentralized messaging models—where data storage and control are distributed rather than centralized—could reduce the risk surface associated with metadata and notification events.

Key takeaways

• Push notifications may pose a persistent privacy risk, enabling data trails even after a messaging app is removed or its messages deleted.
• A report cited by Pavel Durov describes FBI access to notification logs on an iPhone as a vector for recovering deleted messages, highlighting metadata’s potential reach.
• The debate has amplified interest in decentralized messaging as a privacy-centric alternative, with early adoption visible in regions facing censorship and outages.
• Real-world usage demonstrates how users circumvent bans and surveillance through VPNs and alternative networks, illustrating tensions between state control and user privacy.
• Observers expect a continued push toward privacy-preserving architectures that minimize data collection and reliance on centralized servers.

Decentralized messaging gains traction amid unrest and silenced channels

As geopolitical tensions and civil unrest intensify, decentralized messaging platforms have seen a notable uptick in user interest. Analysts point to the appeal of platforms that can operate without relying on centralized servers, reducing single points of failure and potential data leakage during state crackdowns.

One notable example is Bitchat, a peer-to-peer messaging application that leverages Bluetooth mesh networks to relay information between devices. By design, such networks can function without continuous internet access, offering an alternative path for communication when traditional channels are disrupted.

The shift from centralized ecosystems toward privacy-preserving tools appears to be more than a speculative trend. In September 2025, Nepal saw thousands of new users turning to Bitchat as a response to nationwide social media restrictions, with more than 48,000 downloads reported during that period. This surge mirrors a broader pattern of citizens seeking resilient, censorship-resistant means of staying connected in times of political strain.

Beyond the local dynamics, Durov emphasized that people are finding ways to bypass national firewalls and platform bans through tools like virtual private networks. He even noted the political reality in Iran, where, despite extended government restrictions, more than 50 million users reportedly accessed or downloaded Telegram in defiance of bans. The dynamic underscores a clash between regulatory aims and user-driven privacy solutions, a tension likely to shape development priorities in the messaging space.

What this means for users, builders, and regulators

The FBI’s reported data-recovery pathway from notification logs and Durov’s critique of notification-based privacy gaps collectively stress a critical question for the market: how can messaging ecosystems balance usability with robust privacy guarantees in a landscape where metadata can still be leveraged by outsiders? The answer, many in the space contend, lies in adopting decentralized, privacy-preserving architectures that minimize data collection and reduce reliance on centralized metadata stores.

For users and builders, the takeaway is clear. End-to-end encryption remains essential but insufficient on its own if app-side metadata and push notification data can be exploited. The emergence of decentralized messaging tools is accelerating as a practical countermeasure—tools that aim to limit what is stored, who can access it, and where it is retained. Regulators, meanwhile, face a evolving challenge: how to protect privacy without stifling legitimate law enforcement capabilities, a balance that is likely to dominate policy discussions in the coming years.

Industry observers also point to a broader market implication. The rise of privacy-centric messaging could influence developers to invest in client-side privacy controls, cross-device privacy guarantees, and protocols designed to minimize metadata exposure. In parallel, the ongoing debate about messaging regulations and civil liberties continues to intersect with geopolitical events, potentially accelerating adoption of decentralized frameworks in regions where censorship and surveillance are more acute.

For readers watching the space, the next developments to track include how major messaging platforms respond to privacy concerns, what new decentralized protocols gain traction in different markets, and how regulators respond to a growing demand for privacy-preserving communications. As the ecosystem evolves, the balance between accessibility, privacy, and accountability will shape user experience and the long-term viability of alternative messaging networks.