Telegram say they have gone pretty far to make sure they cannot get hold of private messages - even the ones who aren't E2E-encrypted.
How? As far as I understand by having the client download encrypted messages from one Telegram server and keys from another and then place those servers in different datacenters in different jurisdictions.
FTR: of course I am aware that unlike E2E-encrypted messaging in this case you have to trust the vendor. If you do is up to you. I trust them more than WhatsApp (who are E2E-encrypted but backup to NSA^HGoogle and try to extract all kinds of metadata) and less than Signal (even though Signal has had at least one horribly security glitch).
One more thing: Telegram are also pretty open on the fact that they take down public terrorist content.
How? As far as I understand by having the client download encrypted messages from one Telegram server and keys from another and then place those servers in different datacenters in different jurisdictions.
FTR: of course I am aware that unlike E2E-encrypted messaging in this case you have to trust the vendor. If you do is up to you. I trust them more than WhatsApp (who are E2E-encrypted but backup to NSA^HGoogle and try to extract all kinds of metadata) and less than Signal (even though Signal has had at least one horribly security glitch).
One more thing: Telegram are also pretty open on the fact that they take down public terrorist content.