The long-running rivalry between messaging platforms has entered a new phase, as Pavel Durov publicly accused WhatsApp of misleading users about its privacy protections. In a series of statements that quickly gained global attention, the founder of Telegram argued that WhatsApp’s widely promoted end-to-end encryption model fails to fully safeguard user data-especially when cloud backups are involved.

Durov’s remarks, including his provocative assurance that “your nudes are safe with us,” were not merely rhetorical. They represent a broader critique of how messaging platforms communicate security features to users and how those features function in practice. At the core of the dispute lies a technical but crucial issue: the difference between encryption in transit and the security of stored data.

Meta Platforms, the parent company of WhatsApp, has consistently maintained that its service provides end-to-end encryption by default. This means that messages are encrypted on the sender’s device and can only be decrypted on the recipient’s device, theoretically preventing even Meta itself from accessing the content.

However, Durov argues that this claim is incomplete and potentially misleading. According to him, a significant portion of user messages ultimately resides in cloud backups stored on services operated by Apple and Google. These backups, he claims, may not always be protected by the same level of encryption, leaving them vulnerable to legal access requests or security breaches.

“Add the fact that WhatsApp stores and discloses who you chat with, and the picture is dire,” Durov stated, pointing not only to message content but also to metadata-information about who communicates with whom and when. Metadata, while less visible to users, is often highly valuable for surveillance and data analysis.

The controversy highlights a widely acknowledged issue in digital security: cloud backups can undermine otherwise strong encryption systems. While WhatsApp messages themselves are encrypted, backups stored externally may not be unless users explicitly enable additional security features.

Security researchers have long warned that this creates a potential loophole. If backups are stored in plain text-or even in encrypted form without user-controlled keys-they could be accessed by service providers or disclosed under legal obligations. Durov amplified these concerns by alleging that Apple and Google provide such data to third parties “thousands of times per year,” though these claims remain contested and lack publicly verified figures.

Meta, for its part, has introduced optional end-to-end encrypted backups, allowing users to secure their stored data with a password or encryption key. However, this feature is not always enabled by default, meaning many users may unknowingly rely on less secure backup configurations.

Despite Durov’s strong criticism, Telegram’s security model is not without controversy. Unlike WhatsApp, Telegram does not apply end-to-end encryption to all messages by default. Instead, users must initiate a “Secret Chat” to activate full end-to-end encryption.

Regular Telegram chats are stored in the company’s cloud infrastructure, which allows for convenient multi-device access but introduces its own set of risks. Critics argue that any centrally stored data-even if encrypted-could be subject to legal requests or targeted attacks.

This creates a nuanced situation: while Durov criticizes WhatsApp’s backup practices, Telegram itself relies heavily on cloud storage for its core functionality. The debate, therefore, is less about absolute security and more about trade-offs between usability, transparency, and user control.

The dispute unfolds against a backdrop of increasing scrutiny over digital privacy practices. In January, a class-action lawsuit was filed against Meta in a US district court, accusing the company of making false claims about WhatsApp’s privacy protections. The plaintiffs, representing multiple countries, allege that users were misled into believing their data was more secure than it actually is.

Meta has strongly rejected these allegations. A spokesperson, Andy Stone, described claims that WhatsApp messages are not encrypted as “categorically false and absurd,” dismissing the lawsuit as baseless.

This legal pressure reflects a broader shift in public expectations. As users become more aware of data privacy issues, companies face increasing demands to clarify how their systems work-not just in marketing language but in technical reality.

At its core, the Telegram-WhatsApp dispute is about trust. Messaging apps handle some of the most sensitive aspects of modern life, from personal conversations to business communications. Users rely on these platforms not only for convenience but also for confidentiality.

Durov’s blunt messaging strategy-highlighted by his viral comment about protecting intimate content-aims to position Telegram as a more trustworthy alternative. However, experts caution that no platform offers perfect security. Instead, users must understand the specific features and limitations of each service.

For example, WhatsApp’s default end-to-end encryption provides strong protection for messages in transit, but users must take additional steps to secure backups. Telegram offers optional end-to-end encryption but requires users to actively enable it through Secret Chats.

The clash between Telegram and WhatsApp reflects intensifying competition in the messaging app market, where privacy has become a key differentiator. Platforms are no longer judged solely on features and user experience; their security architectures and data policies are now central to their value proposition.

Durov has long framed WhatsApp as a “tool of surveillance,” particularly since its acquisition by Meta (then Facebook) in 2014. He has also suggested that vulnerabilities in the app may not be accidental-a claim that Meta has consistently denied.

Meanwhile, WhatsApp continues to emphasize its global scale and robust encryption framework, arguing that its approach balances security with accessibility for billions of users.

The ongoing dispute between Telegram and WhatsApp underscores a fundamental challenge in modern digital communication: achieving both convenience and uncompromising security. While Pavel Durov raises valid concerns about cloud backups and metadata, his criticisms also highlight the complexities and trade-offs inherent in any messaging platform.

For users, the takeaway is clear: understanding how privacy features work is essential. Encryption claims, while important, do not tell the whole story. Factors such as backup settings, metadata handling, and default configurations all play a critical role in determining how secure a platform truly is.

As legal battles and public debates continue, the pressure on companies like Meta Platforms and Telegram will only intensify. In this evolving landscape, transparency-not just technology-may ultimately prove to be the most valuable asset.

Please follow Blitz on Google News Channel