Britain’s communications regulator is pressing Telegram to find ways of seeing what its users say to one another in private. Ofcom has begun questioning the messaging app about how it detects and prevents illegal incitement, following the conviction of a Ukrainian man for arson attacks on a car and properties connected to Prime Minister Keir Starmer.
Roman Lavrynovych, 22, was reportedly drawn in through a public Telegram channel that advertised money to post and print leaflets, and that channel broke no laws. It offered legal work and told anyone interested to “contact in private messages.” The real offers, first for the poster work and later for the arson, reportedly moved into one-to-one chats away from public view.
A spokesperson for Ofcom said it had contacted the app “to seek further clarification” because the arsonist had been directed on Telegram by a handler linked to Russia.
The regulator frames this as a preliminary stage ahead of any formal investigation, though the questions point in one direction. If nothing illegal appeared in the open channel, the only place left to look is inside the private conversations between individual users.
That request carries a cost the regulator has not spelled out. Telegram cannot scan private messages for signs of incitement without reading private messages, all of them, belonging to everyone, not the handful that turn out to involve a crime.
The arson plot stayed hidden in personal chats precisely because that is where people expect to speak without an audience. Asking Telegram to surface that content means asking it to treat ordinary private conversation as something to be inspected by default.
It is not even settled what “private messages” covers here and the ambiguity raises the stakes. Telegram’s standard chats sit on its servers. Its secret chats use end-to-end encryption that the company itself cannot read, but only when turned on, and the feature is not turned on by default.
Court reporting has not made clear which kind carried the arson offers. Should Ofcom expect detection inside encrypted chats, it is effectively asking Telegram to build a route around its own encryption, most likely by scanning messages on the user’s device before they are sealed. That hollows out the protection for the people who relied on it. A message read before it is encrypted was never really encrypted.
A single conviction has become the occasion to ask a platform how it inspects private speech in general and the answer Ofcom seems to want is closer inspection.
The push runs in one direction across the Online Safety Act, through age checks, hash-matching against databases of banned images, automated tools to flag grooming and self-harm content, and now questions about catching incitement inside private chats.
Detection keeps moving inward, from public posts toward the conversations people assumed only their recipient would see. Real harms justify the steps one at a time and the cumulative effect normalizes a new baseline, where a messaging app is expected to read along and act as an extension of the regulator’s reach. The Act backs that expectation with fines of up to £18 million ($24M) or a tenth of global revenue, which is leverage enough to make most companies listen.
