news

Telegram's Pavel Durov Warns Push Notifications Can Expose Private Messages

Dhananjay Singh
Published: April 12, 2026
5 min read
Telegram's Pavel Durov Warns Push Notifications Can Expose Private Messages

STAY UPDATED WITH COTI

Follow COTI across social media platforms to get the latest news, updates and community discussions.

X IconFollow on XTelegram IconJoin Telegram
Make us preferred on Google

Summary:

  • Telegram co-founder Pavel Durov says push notifications are a hidden privacy risk.
  • His comments follow reports that the FBI accessed deleted Signal messages via notification logs on iPhones.
  • Durov argues disabling previews is not enough to protect users.
  • He claims only fully separated chat systems can balance usability and privacy.
  • The discussion adds pressure on messaging apps over how they handle sensitive data.

Telegram co-founder Pavel Durov has raised fresh concerns about the role push notifications play in exposing private user data, arguing they represent a persistent weakness in modern messaging apps. His comments came after a report from 404 Media revealed that the Federal Bureau of Investigation was able to retrieve deleted messages from a Signal user. According to the report, investigators accessed message content stored in an iPhone's notification database - even after the messages themselves had been deleted. That detail has shifted attention toward a part of messaging systems many users rarely think about. When a message arrives, a preview is often stored locally on the device as part of the notification system. In some cases, those logs can persist longer than the messages inside the app itself.

Durov argued that this creates a blind spot for users who assume that deleting a message - or even an entire app - removes all traces of communication.

"Turning off notification previews won't make you safe if you use those apps, because you never know whether the people you message have done the same. So Telegram's Secret Chats design that forces the absence of notifications previews is the only solution. Obviously, this hurts usability, that's why Telegram has two types of chats: Secret and Cloud." Source
 

His concerns about privacy are not just about encryption inside the app. It also depends on how data is handled at the device level, including notifications that sit outside the core messaging system.

The Trade-Off Between Privacy and Usability

Durov suggests that many messaging platforms face a structural problem - trying to offer both strong privacy and smooth user experience within a single chat system. In his view, that balance often leads to compromises. Some apps prioritize convenience, allowing features like backups or message previews that make daily use easier but introduce potential data exposure. Others focus on security, but at the cost of limiting features users have come to expect. He pointed to examples across the industry, arguing that attempts to combine both approaches tend to fall short. In short, Durov suggested that platforms trying to deliver full security and full usability in one system often end up weakening both, exposing user data through areas like backups or notification systems.

He expanded on that idea with a broader reflection on Telegram's design philosophy, highlighting its dual structure of Cloud Chats and Secret Chats. The company separates everyday messaging from its fully encrypted mode:

"12+ years passed since Telegram started the end-to-end encryption revolution by launching Secret Chats. Since then, dozens of apps followed suit and made bold claims about their encryption. But no app has been able to beat our Cloud Chats in usability and our Secret Chats in security. Their try to mix the two and get neither." Source

This approach, according to Durov, avoids the need for trade-offs within a single system. Users can choose convenience or privacy depending on the situation. Still, that model comes with its own limitations. Fully secure chats often lack features like seamless syncing across devices, message previews, and cloud backups - all of which many users expect from modern messaging apps.

What This Means for Messaging Apps and Users

The debate sparked by Durov's comments touches on a larger issue that extends beyond any single platform. Messaging apps have become central to both personal and professional communication, and expectations around privacy have grown alongside their adoption. The report involving Signal shows that even apps widely seen as secure can have weak points outside their core encryption systems. In this case, the vulnerability did not come from breaking encryption but from accessing data stored elsewhere on the device. It suggests that improving encryption alone may not fully address privacy concerns if other parts of the system - like notifications, backups, or operating system logs - still expose sensitive data.

For developers, the challenge is harder. Any step taken to improve privacy often affects usability. Removing notification previews, limiting backups, or restricting cross-device syncing can protect data but also make apps less convenient. Durov's position leans clearly toward separating these experiences. Whether that model becomes more common across the industry remains uncertain. Privacy discussions are moving beyond encryption alone. As this case shows, the smallest features - like a notification preview - can end up carrying more weight than users expect.

Final Thoughts

Durov's warning lands at a time when trust in digital privacy is constantly being tested. The idea that deleted messages can still be recovered through system-level logs challenges a basic assumption many users hold. It also reframes how people think about secure communication. Encryption is only one layer. What happens outside the app - in notifications, backups, and operating systems - can matter just as much. Messaging platforms now face a familiar tension: making apps easy to use while keeping user data protected. There is no clean solution yet, only different trade-offs. Durov's answer is to split the experience in two. Others are still trying to find a middle ground. Either way, the conversation is not going away.

READ MORE: Trump Cyber Strategy Puts Crypto and Blockchain Security at Center of U.S. Tech Leadership

Related Topics

#Pavel Durov#Expose Private Messages#Notifications Expose

About the Project

Crypto News

About the Author

Dhananjay Singh

Dhananjay Singh

Dhananjay Singh is a DeFi reporter at CotiNews covering the evolving decentralized finance landscape. His work focuses on developments within the Ethereum ecosystem and the growing COTI network. He holds a Bachelor’s degree in Political Science from the University of Delhi.

View all articles

Disclaimer

The views and opinions expressed in this article are those of the authors and do not necessarily reflect the official stance of CotiNews or the COTI ecosystem. All content published on CotiNews is for informational and educational purposes only and should not be construed as financial, investment, legal, or technological advice. CotiNews is an independent publication and is not affiliated with coti.io, coti.foundation or its team. While we strive for accuracy, we do not guarantee the completeness or reliability of the information presented. Readers are strongly encouraged to do their own research (DYOR) before making any decisions based on the content provided. For corrections, feedback, or content takedown requests, please reach out to us at

contact@coti.news

Stay Ahead of the Chain

Subscribe to the CotiNews newsletter for weekly updates on COTI V2, ecosystem developments, builder insights, and deep dives into privacy tech and industry.
No spam. Just the alpha straight to your inbox.

We care about the protection of your data. Read our Privacy Policy.