Toy may call it TLS but it’s a custom protocol.
Sure, it’s mtproto. The security it provides for non-encrypted chats (which are the absolute majority of chats) is not any different from just having TLS for transport. It’s potentially even worse as it’s not as well-audited.
Data is not kept unencrypted on their servers, according to their docs.
That just means that they store both your data in some encrypted way and the key. They can still read it trivially. You don’t even have to know the protocol to understand why: you can add new devices without having any other device online, and read all non-secret chats. It might also just mean disk encryption, in which case it’s plain-text in RAM while the server is running.
Here it’s definitely part of discussion. The context was
It’s barely anonymous, and poorly encrypted. The latter is the reason Durov is in custody while Signal devs are scott free. He could easily turn illegal stuff over to French authorities, but doesn’t.
There have absolutely been cases where a backdoor/weakness/lack of encryption used to catch criminals before: https://en.wikipedia.org/wiki/Operation_Trojan_Shield https://en.wikipedia.org/wiki/Ennetcom https://en.wikipedia.org/wiki/EncroChat . I distinctly remember that there were also arrests of opposition activists in Russia based on personal messages in VKontakte, but can’t find the news right now.
Some are staying safe, others are being caught precisely because of this.
Using better encryption schemes is definitely part of that.