When I recommend Telegram to friends, it’s mostly out of privacy concerns, not security. There’s a difference between privacy and security. Highly simplified, security is confidentiality of your data, while privacy is appropriate use of your data. Of course, without confidentiality (encryption), your data can be intercepted and used inappropriately (e.g., collected by the NSA et al.), so entirely unencrypted transmissions are always susceptible to privacy violations. But Telegram’s protocol is encrypted, so the security is not a big issue for me here.
More clear definition:
Data security is commonly referred to as the confidentiality, availability, and integrity of data. In other words, it is all of the practices and processes that are in place to ensure data isn’t being used or accessed by unauthorized individuals or parties. Data security ensures that the data is accurate and reliable and is available when those with authorized access need it. A data security plan includes facets such as collecting only the required information, keeping it safe, and destroying any information that is no longer needed. These steps will help any business meet the legal obligations of possessing sensitive data.
Data privacy is suitably defined as the appropriate use of data. When companies and merchants use data or information that is provided or entrusted to them, the data should be used according to the agreed purposes. The Federal Trade Commission enforces penalties against companies that have negated to ensure the privacy of a customer’s data. In some cases, companies have sold, disclosed, or rented volumes of the consumer information that was entrusted to them to other parties without getting prior approval.
Security is the confidentiality of your data. That is, making sure only people who should access it do access it.
Privacy is the appropriate use of your data. That is, how people who should have data about you use the data they have.