Privacy on Telegram — what's actually private (and what isn't)
An honest, non-paranoid guide to what Telegram can and can't see, who else can see what, how Secret Chats actually work, and the privacy settings that matter most.
Telegram has a privacy reputation that gets repeated by people who haven’t read the actual model. The honest version: Telegram has good privacy controls and imperfect default encryption. Both things are true.
This guide is the non-paranoid, factually-careful walkthrough of what’s encrypted, what’s metadata, what Telegram itself can technically see, and which settings actually move the needle.
How Telegram chats are encrypted
Telegram uses a custom protocol called MTProto (currently version 2.0). It has two modes.
Cloud chats (default)
Your normal one-to-one chats, group chats, and channels. They are:
- Encrypted in transit between your device and Telegram’s servers (client-server encryption).
- Encrypted at rest on Telegram’s servers.
- Not end-to-end encrypted. Telegram has the keys to read them server-side if compelled or if there’s a security breach.
Why this design? It enables every-device-sync (open a new device, all chats appear), full-text search of history, multi-admin groups, channels, bots that can automate on top of your messages — things E2E encryption mathematically prevents.
Telegram’s stated policy is that they have not handed over decrypted user data to any government and would resist legal pressure (the founder famously left Russia rather than comply). Their Transparency Reports back this claim to date. Your trust in Telegram for cloud chats reduces to trusting Telegram’s operational integrity.
Secret Chats
A separate, opt-in chat type:
- End-to-end encrypted — only the two devices in the chat have the keys.
- Single-device — they live on the device you started them on. They don’t sync to your laptop or appear if you reinstall.
- Self-destruct — optional auto-delete timer (1 second to 1 week).
- Forward disabled — forwarding is harder; screenshots can be detected on iOS but not prevented.
To start one: open a contact’s profile → menu (⋯) → Start Secret Chat. They’re visually marked with a small lock icon next to the contact name.
If you want true private content with one specific person, use Secret Chats. They’re the only path on Telegram for E2E.
Group chats and channels
Groups (any size) and channels are always cloud chats. There is no E2E group chat option. If you need E2E for a group, the protocol simply doesn’t support it (Telegram, Discord, Slack, and most messaging products are in the same boat — Signal and WhatsApp are the exceptions).
Voice & video calls
One-to-one voice and video calls are end-to-end encrypted. Group voice/video chats are not — same trade-off as group text.
What Telegram (and others) can see
Even when content is encrypted, the following exists:
| Data | Visible to Telegram | Visible to others |
|---|---|---|
| Chat content (cloud) | yes | only chat participants |
| Chat content (Secret) | no | only chat participants |
| Phone number | yes | configurable per privacy setting |
| Username | yes | everyone who can see your profile |
| Profile photo | yes | configurable per privacy setting |
| Last seen / online | yes | configurable per privacy setting |
| Contacts you sync | yes (matched by phone) | not exposed |
| IP address (basic) | yes | not exposed |
| Devices you use | yes | only you (Settings → Devices) |
| Group/channel memberships | yes | depends on group/channel privacy |
| Messages you send to bots | yes (server) + yes to the bot’s owner | bot owner |
The phone number → identity link is the main privacy reality on Telegram. If someone has your number, they can find you (subject to your settings). If they don’t, they need your username.
To register without exposing your real phone, you can buy an anonymous number via Fragment — a TON-based marketplace for SIM-less Telegram numbers. Costs ~$10-50. Used by people who genuinely need to separate identities.
The settings that actually matter
If you do nothing else, change these. Settings → Privacy and Security.
Phone number
- Who can see my phone number: My Contacts or Nobody. Don’t leave it on Everybody.
- Who can find me by my number: My Contacts. This stops random people who happen to have your number from auto-finding you.
Last seen & online
- My Contacts or Nobody. There’s no benefit to broadcasting when you were last online to strangers.
Profile photo
- My Contacts is the safe default.
Forwarded messages
- My Contacts. When someone forwards your message, your name appears as a clickable link by default. Restricting this hides your identity in forwards.
Calls
- My Contacts. Stops spam call attempts from random accounts.
Two-Step Verification
- Set a password. This is what protects your account if your SIM is stolen or SIM-swapped. Use something unique to Telegram. Add a recovery email.
Active sessions
- Check the list. If you see a device you don’t recognize, tap Terminate. Do this every few months as a hygiene check.
Auto-delete messages
- Optional. You can set a global default that all new chats start with messages auto-deleting after 24 hours / 7 days / 31 days. Not retroactive. Useful for the privacy-conscious.
Things people often confuse
“Telegram is encrypted, so it’s secure” — partially true. Cloud chats are encrypted in transit and at rest, just not end-to-end. Secret chats are E2E. Don’t conflate.
“I deleted the message, so it’s gone” — usually yes, on both ends. Telegram’s “delete for everyone” actually deletes from the recipient’s device too, in cloud chats. Secret Chat deletions are similar. But screenshots, forwards, and downloaded media obviously persist.
“Telegram knows everything about me” — knows what you do on Telegram (chats, channels, contact graph, IPs, device list). Doesn’t know your browsing outside the app, your other accounts, your location beyond rough IP geolocation, or anything you don’t tell it.
“My Telegram username is private” — no. Usernames are global and searchable. If you want to keep an account unfindable by username, don’t set one.
“Telegram has no ads” — has ads, only inside large public channels (1k+ subscribers), as Sponsored Messages. Premium users see fewer; nobody sees ads in DMs.
What to use Secret Chats for
Realistic use cases for Secret Chats specifically:
- Sending sensitive credentials or personal documents to one specific person
- Conversations with sources (journalists)
- Politically sensitive discussion in countries with surveillance
- Sharing screenshots that include personal information
For everyday chat, Secret Chats are inconvenient (single-device, no search across devices). Most people don’t use them daily. Use them for the specific moments when E2E matters.
When to use Signal instead
Telegram is fine for 95% of needs. Signal is better when:
- E2E encryption must be the default and only mode, not an opt-in
- You need disappearing messages with a clearer track record
- You’re collaborating with sources who insist on Signal
- Group chats need E2E (Signal supports this; Telegram doesn’t)
Many people use both: Telegram for the platform features (channels, bots, Mini Apps), Signal for sensitive conversations. Nothing wrong with that.
What Telegram has done well historically
- Resisted government takedown attempts (Russia, Iran, multiple court orders) — at significant operational cost.
- Open MTProto specification — third parties can audit. Multiple academic reviews exist.
- No backdoors disclosed to date — including under significant legal pressure.
- Transparency Reports published regularly.
What Telegram has not done well
- Default encryption is weaker than Signal/WhatsApp. That’s the trade-off for cloud sync; users should know.
- Public channels and groups have been used for illegal content — Telegram has improved moderation but still gets criticism.
- The MTProto protocol is custom. Cryptographers prefer well-vetted standards (the Signal Protocol, used by WhatsApp). Reviews of MTProto have generally been favorable but it remains less battle-tested.
Bottom line
Telegram is a good messenger with decent privacy controls and one significant trade-off: cloud chats aren’t E2E. Set the privacy settings above on day one, use Secret Chats for the moments that really matter, and you’re in a defensible spot.
If your threat model is high (journalist with sources, activist in an authoritarian country, sensitive corporate communication), use Signal as your default and Telegram for the platform features. If your threat model is normal, Telegram is fine.
Read next
What Telegram actually is in 2026 (and what it isn't)
If you're new to Telegram, here's an honest tour of what makes it different from WhatsApp, Discord, Signal, and iMessage — what it does well, what it doesn't, and what's free vs paid.
Telegram Premium — is it worth it?
An honest, feature-by-feature breakdown of Telegram Premium in 2026 — what each perk actually does, who needs it, who doesn't, and what to skip if you upgrade.
Your first hour on Telegram
A step-by-step setup for someone installing Telegram for the first time — phone number, profile, privacy, finding people, joining your first channel and group, customizing the app.