I think parent's point is, if data appears on sceen, the OS in theory can capture it and send to Google servers as screenshots or OCR'd text.

Yes, that likely is the GP's point, but it's not really relevant to the discussion going on in this thread. Certainly Google could "backdoor" its OS in that way, but they have little motivation to do so (and a lot to lose if they were to do so and were found out). Their recent move to make their location history / timeline product an on-device-only feature because they don't want to have to respond to law enforcement requests for user location data would seem to suggest they really would prefer to not have this sort of data.

At any rate, the discussion going on here is about how Durov has been arrested because Telegram refuses to respond to law enforcement requests, when they do have the ability to do so; and if they were to actually implement E2EE by default (and for group chats), Durov would likely not be in trouble, since Telegram would be unable to provide anything when requested.

> Their recent move to make their location history / timeline product an on-device-only feature because they don't want to have to respond to law enforcement requests for user location data would seem to suggest they really would prefer to not have this sort of data.

I suspect that isn’t the motivation. GDPR says that you have to give users choices about data stored like this (including right to be forgotten, how it’s processed and used and so on), and this becomes a technical, legal and commercial nightmare very quickly. The easier route is just to get rid of it if you can.

This saves Google money (it likely wasn’t that useful to sell to advertisers), makes legal compliance a lot easier and de-risks them from very large fines.

I suspect that the EU lawmakers didn’t think about second order effects like making it harder for law enforcement to access this data in scenarios like this.