Interview with Alexander Zharov on the Telegram Blockade

On April 13, 2018, the Tagansky District Court of Moscow granted Roskomnadzor’s (RKN) request to restrict access to the information resources provided by the Telegram messenger. By the following day, the number of blocked IP addresses belonging to American companies Amazon and Google exceeded 18.5 million. In an interview with “Izvestia,” Roskomnadzor head Alexander Zharov discussed how the agency plans to combat circumvention of the block via VPNs, communications with Pavel Durov and IT industry representatives, the possibility of blocking the entire Russian internet, and the future of Facebook’s operations in Russia.

Current Status of the Telegram Block

— What is happening with the Telegram block right now, considering how quickly the situation is changing?

— Currently, 18 subnets on Amazon and Google are being blocked. To recap: after the Federal Security Service (FSB) won in court, Roskomnadzor, in accordance with the law, filed a lawsuit in the Tagansky District Court of Moscow. On Friday, the court decided to block Telegram because the service failed to comply with the FSB’s demand for access to encryption keys and, consequently, to chats and accounts suspected of spreading extremist and terrorist information. The FSB has repeatedly informed us and other authorities that they have documented cases of this service being used to plan and carry out terrorist attacks both in Russia and abroad.

Why Wasn’t the Issue Settled Out of Court?

— Because there is essentially no dialogue with Telegram’s administration, which shows a complete unwillingness to cooperate. Only Telegram’s hired lawyers in Russia communicate with us, and they only discuss procedural matters, not technical ones. So, as soon as the court approved the block, we began implementing the decision. By Monday around 11:30 a.m., we uploaded Telegram’s IP addresses to the unified registry of banned information, and telecom operators began blocking them.

Technical Aspects of the Block

— How does this work technically?

— Telecom operators receive a daily list of IP addresses to block. There are about 4,200 operators in Russia providing internet access. They use technical methods to block services. Initially, we knew of more than 9,000 Telegram-owned IP addresses. Since we’re not just blocking a website but the entire messenger, we uploaded all four of its subnets. The block took a few hours, and from about 12:30 to 3:00 p.m., Telegram’s performance sharply degraded, as seen in our charts. For most users without special circumvention tools like proxy programs or VPNs, the messenger became inaccessible.

Telegram’s Response and Subnet Migration

— At some point, Telegram started changing its IP addresses…

— Yes, between 2:00 and 3:00 p.m., our technical specialists noticed Telegram switching to a different set of IP addresses—an Amazon subnet with over 600,000 IPs. We had to quickly determine if any legitimate resources were on those addresses. Our specialists analyzed the subnet, and by around 6:00 p.m., we provided it to telecom operators. From 7:00 to 10:00 p.m., we again saw Telegram’s degradation in Russia. Then it switched to a Google subnet with 540,000 IPs. Such a large number of IPs allows the service to migrate quickly—within two to four minutes—so blocking individual addresses is pointless; we have to block entire subnets.

Communication with Amazon and Google

— Are these companies aware of what’s happening? Have you informed them?

— Of course, all our actions to block subnets were accompanied by correspondence with the administrations of these American companies. But time zones matter: when it’s day here, it’s night there. Still, communication exists. We expect that for Amazon and Google, business comes first, not political motives. Meanwhile, Mr. Durov and the Telegram administration are using rather harsh methods, disregarding the interests of legitimate resources. Currently, about 20 subnets are being used to bypass the block, totaling over 10 million IP addresses. These are subnets of various sizes, some with over 2 million IPs, but mostly smaller ones with several hundred thousand addresses each.

Impact on Other Services

— According to internet users, blocking these subnets has already disrupted stores, banks, service companies, and even the RKN website, which was reportedly inaccessible yesterday…

— That information is not accurate. It’s the classic “someone called me, so it must be true.” I can confidently say that in 99.9% of cases, nothing went down except Telegram. As for the Roskomnadzor website, it was subjected to strong DDoS attacks on Tuesday.

Risk of Blocking the Entire Internet

— Are you concerned that by blocking a single messenger, you might end up blocking the entire internet?

— Obviously, that’s not our goal. Our aim is to implement the court’s decision with minimal impact on legitimate users. The decision is as significant as a law, and I think our Western colleagues understand that. Telegram should be removed from the App Store and Google Play, and American companies should create technical conditions to make the service inaccessible in Russia.

Negotiations with Amazon and Google

— Has any agreement been reached?

— As I said, there is ongoing dialogue. For Amazon and Google, this is a serious challenge: for example, 6 million Amazon IPs is almost half of all their IPs (they have about 13 million). So, they’re deciding whether to continue operating in Russia or not.

— Is there a chance they’ll leave?

— I don’t think so. Amazon’s main business is hosting, and it’s unlikely they’d want to lose that market here. Yesterday, we launched a hotline on the RKN website. If legitimate resources are affected, we’ll investigate. But we must comply with the court’s decision. Again, we have no intention of “taking down” the entire internet; our technical specialists analyze each subnet to see what resources are on it. Ultimately, Telegram’s administration is responsible for hiding behind third-party IP addresses and putting those companies at risk.

Encryption Keys and Law Enforcement

— You’re requesting encryption keys…

— That’s not our function; it’s the FSB’s.

— Okay, law enforcement. Am I correct that you’re only interested in accounts suspected of spreading prohibited information, not all of Telegram?

— Without getting into technical details, Anton Rozenberg (former partner of Pavel Durov at VKontakte) has said that it’s possible to obtain encryption keys for so-called non-secret and open chats.

The Dilemma of Open vs. Secret Chats

— So what’s the dilemma if you can get keys for open chats but not for secret ones?

— The key issue is that if Telegram’s administration wanted to cooperate, they would engage in dialogue with the FSB. But there is no dialogue; all communication is one-way. We send requests, but get no response. There’s a lot of talk about how Telegram helps people earn money, especially small businesses. Any messenger can be compared to an apartment building: people live, do business, socialize. If terrorists move in, it’s logical for law enforcement to ask the landlord for access to stop the threat. If the landlord refuses, that’s the situation with Telegram. Law-abiding people should consider whether they want to stay in a “bad building” whose owner refuses to follow the law, or move elsewhere.

— What if they don’t like the alternatives?

— I understand personal habits, but there are many other messengers. Statistics show Russians use about 70 different services. The argument “our favorite Telegram is the best, we only want to use it” is outweighed by the terrorist threat.

VPNs and Circumvention

— So mass installation of VPNs and other circumvention methods isn’t a problem for the FSB? People are essentially moving into a gray area, which should make law enforcement’s job harder…

— If you ask me whether it’s possible to block all proxy programs, I’d say no. There are hundreds of thousands, from homemade to commercial. But the most widely used ones can be blocked. We see programs that provide access to terrorist content. Moreover, last year’s law on proxy programs allows the Interior Ministry or FSB to add them to a special registry. They must either connect to the unified registry of banned information and start filtering, or be blocked. No new laws are needed; all the necessary powers already exist.

Why Only Telegram?

— Why is this only about Telegram? Are there no issues with other messengers?

— RKN doesn’t have the authority to conduct operational investigations; that’s the FSB’s job. According to their information, terrorists communicate via Telegram and the Zello internet radio. We eventually blocked Zello, which also tried to evade us using Amazon IPs, but Amazon ultimately denied them hosting. The situation with other services seems simpler, but I won’t speculate.

The Effectiveness of Blocking in the Digital Age

— Does it make sense to block anything in the digital age? Isn’t this a never-ending cat-and-mouse game?

— Ultimately, countries with internet access have two approaches. The first, like Russia and China, is to block prohibited information as determined by an authorized body. The second, used in Western Europe and the US, is to punish the user. In Europe, if you visit a torrent or pirate site, you’ll likely get a fine of several hundred euros. In the US, if you even accidentally visit a child pornography site, you’ll be warned the first time and arrested the second.

— So we want to follow China’s path?

— We have our own unique path. China focuses on “how to block,” not “what to block.” They selectively disable certain traffic. Our laws are much softer; we specify what information is prohibited or allowed, and we’re not talking about blocking all incoming traffic.

Market Shifts and Alternative Messengers

— With the Telegram block, there’s talk of a market shake-up and replacing it with another messenger, like “TamTam” from Mail.Ru Group…

— I’ve only heard about Mail.Ru’s messenger getting special treatment online. No one has discussed this with me. Forcing users to instantly abandon a familiar service like Telegram and switch en masse to TamTam or something else is impossible. TamTam is mentioned because it also allows channel creation and has a similar interface. Theories about a “post-Telegram” era are only due to Mr. Durov’s connections to both Mail.Ru and Telegram. That’s all there is to it.

On Russian Tech Innovation and Durov’s Projects

— As someone working in IT, do you feel disappointed that a Russian citizen created two competitive products—one was “taken away,” and now the second is being blocked? All this despite the president’s talk of technological breakthroughs…

— Yes, it is disappointing! The teams behind VKontakte and Telegram are strong and talented—not just Pavel Durov, but the whole team, including his brother Nikolai, a highly skilled programmer. Both VKontakte and Telegram are user-friendly services. The question is how Mr. Durov built his audience. VKontakte’s main draw was pirated content—music and movies—similar to Tor but without onion routing. The same happened with Telegram. Despite efforts to clean up VKontakte, it’s still on the US Trade Department’s “301 list” as a pirate resource. So claims that Telegram removes child pornography and terrorist accounts are somewhat disingenuous. It’s a philosophy for Mr. Durov: he talks about freedom, but absolute freedom means absolute responsibility. Here, there’s plenty of freedom, but little responsibility.

Combating Mass Circumvention

— What does RKN plan to do about mass circumvention of the block?

— Neither RKN, FSB, nor the state have any issues with people using Telegram for normal activities—creating bots, running channels. The issue is with the messenger’s administration. Mr. Durov, as a skilled marketer and PR person, shifts the blame to the audience and creates a conflict between authorities and users. Calls by some Telegram channels to mass-download VPNs are an attempt to appear elite. But people should care about who they’re associating with—terrorists or normal people.

Facebook’s Future in Russia

— Last year, there was talk of blocking Facebook. What’s the current situation? Have you met with their administration?

— I meet with Facebook representatives about twice a year. There are rumors that I let Facebook off the hook because of special relationships, but that’s not true. At my last meeting in February, we reiterated our position. By the end of 2018, we’ll audit the company, and several requirements must be met: localizing Russian citizens’ data in Russia, removing all prohibited information (they’re already behind schedule), and complying with other laws. If these aren’t met, or if the Russian government isn’t informed of plans to comply, blocking will be considered.

— Any predictions?

— Let’s not speculate. I hope my answer will encourage Facebook to comply with Russian law.

Dialogue with Pavel Durov

— Will you try to open a dialogue with Pavel Durov again?

— Mr. Durov has all the contact information needed to communicate with us and the FSB. Right now, there’s little basis for resuming talks. We just discussed the talented programmers behind VKontakte and Telegram. But talent is only one side of the coin; the other is following the law and taking responsibility. In the battle between two talented literary characters—the great detective Sherlock Holmes and the criminal genius Professor Moriarty—my sympathies have always been, and will always be, with Holmes and the law.