Exactly what I said in my post above.

Durov made it HARD to get Telegram user data. It was easier and cheaper to take him hostage than to steal the user data in bulk.

I don't doubt ECHELON can get root access if they want, via hardware trojans. But that's tedious work plus mad skillz.