BlackBerry refuses to help on security

NEW DELHI: The stand-off between the Indian government and BlackBerry manufacturer Research in Motion (RIM) intensified on Tuesday, with RIM stating that it would not "compromise the integrity and security of the BlackBerry Enterprise Solution". It added that "RIM would simply be unable to accommodate any request for a copy of a customer's encryption key since at no time does RIM, or any wireless network operator, ever possess a copy of the key".

Security agencies are concerned that BlackBerry's encrypted services could pose a national security threat. They have been seeking access to these services.

However, in a statement titled "Customer Update", RIM said, ``The BlackBerry security architecture for enterprise customers is based on a symmetric key system whereby the customer creates their own key and only the customer ever possesses a copy of their encryption key. RIM does not possess a master key, nor does any back door exist in the system that would allow RIM or any third party to gain unauthorized access to the key or corporate data."

"The BlackBerry security architecture for enterprise customers is purposefully designed to exclude the capability for RIM or any third party to read encrypted information under any circumstances. RIM would simply be unable to accommodate any request for a copy of a customers encryption key since at no time does RIM, or any wireless network operator, ever possess a copy of the key," explained the statement.

It also said that the location of data centres and the customers choice of wireless network are ``irrelevant factors from a security perspective since end-to-end encryption is utilized...and all data remains encrypted through all points of transfer between the customers BlackBerry Enterprise Server and the customers device."

The government requires simultaneous or real-time interception which has to be delivered in a readable format. RIM's stance does not indicate any desire to comply with this requirement.

``While privacy and business continuity are important, the fact is that BlackBerry phones are being misused by terrorists for voice, e-mail/data and Net surfing, so why should RIM expect special treatment in terms of impunity from law?", asked a security expert.

Experts also point out that RIM should be in a position to prove that the government's request is unreasonable if it does indeed seek special exemption from the security requirement.

UAE and Saudi Arabia have already said they will ban the use of BlackBerry phones in their countries by October this year. It remains to be seen what stance the Indian government takes.

With this development, BlackBerry joins a growing list of innovative technology companies such as Google and Facebook which are loved by consumers but are running afoul of governments and privacy advocates alike.

Meanwhile, the popularity of BlackBerry phones is growing exponentially. RIM shipped its 100 millionth phone in the last quarter, of which 50 million phones were sold in the last 14 months alone. While the company refuses to divulge country-specific sales data, it sells 18 models in India through nine operators and one retail distribution partner, in contrast to three models through a single operator, Airtel, in 2004.