Telegram CEO Warns EU Age Verification Tool Could Lead to Mass Surveillance Pavel Durov, the founder and CEO of the messaging app Telegram, has issued a stark warning about a new European Union age verification method, suggesting it could be a stepping stone to pervasive online identity tracking and control. His comments follow reports that the application in question was compromised by hackers in a matter of minutes, raising serious questions about its security and broader implications. The system, known as the EU Digital Identity Wallet, aims to provide a secure way for Europeans to verify their age and other credentials online without oversharing personal data. A specific age verification app, built on this framework, is intended to allow users to prove they are adults when accessing online content or services, such as social media or adult websites, by providing a simple yes or no confirmation without revealing their exact birth date. However, Durov highlighted a demonstration by security researchers who allegedly breached the prototype app in under two hours. This vulnerability, he argues, exposes a fundamental flaw not just in the implementation but in the concept of centralizing sensitive identity data. If a system designed for high security can be hacked so quickly during a controlled test, he questions its resilience against real world malicious actors. Durov’s primary concern extends beyond the immediate security flaw. He frames the initiative as a potential gateway to a much more extensive surveillance apparatus. Once a government mandated system for verifying age is widely adopted and integrated into websites and apps, the infrastructure for digital identity control is already in place. He warns that the scope could easily expand from age checks to validating real names, tax status, political affiliation, or even social credit scores for accessing various online services. This, Durov cautions, would fundamentally alter the nature of the open internet. He draws a parallel to China’s strict internet controls, suggesting the EU is on a path toward creating a similar model of centralized digital identity that could be used to monitor and restrict citizen behavior online under the guise of safety and security. For Durov, a proponent of privacy focused and encrypted communication, this represents a direct threat to personal freedom. The Telegram CEO used the incident to promote his platform’s alternative approach. Telegram offers optional, anonymous age verification through its Fragment platform, which uses blockchain based anonymous numbers. This method allows platforms to confirm a user is over a certain age without linking that verification to a government ID or a person’s real world identity, thereby preventing the creation of a centralized trackable profile. The EU Commission has defended its digital identity project, stating that the wallet is designed with privacy at its core and gives citizens full control over what data they share and with whom. They emphasize that the goal is to reduce unnecessary data sharing and provide a secure, convenient alternative to current, often less secure, commercial login methods. Nonetheless, Durov’s warning taps into a deep seated debate within the tech and crypto communities about privacy, state control, and the future of the internet. The incident underscores the tension between the desire for safer online spaces, particularly for minors, and the risk of building systems that could enable unprecedented surveillance. As such digital identity tools move from proposal to reality, the discussion around their security, design, and potential for mission creep is likely to intensify, with advocates for decentralization and privacy urging extreme caution.
