|
|
|
Research in Motion is in a pretty tricky position at present. It has to balance the growing demands from governments to access the data of its users with maintaining its reputation as a provider of a highly secure service, and hold true to its statement that it has done no governments special deals.
Even trickier is suggesting exactly what is going on behind closed doors. V3.co.uk has had a stab, but here's the summarised version.
The statements, from Indian, Saudi and United Arab Emirates authorities so far have been fairly short on detail. The UAE is set to ban BlackBerry email, web and Messenger services from October, although frustratingly it does not seem to discriminate between BES and BIS services, that is broadly speaking between enterprise and consumer users, merely that it's not happy with data being sent abroad.
The Saudis appear to have been a little easier to placate. Their beef is specifically with Messenger, and it seems that the authorities there are happy to have access to encrypted data from BIS users alone. Although there has been no official word yet, it seems RIM is accommodating the regulator by offering, in some form or other, access to unencrypted data sent on Messenger.
And so to India, where the authorities are playing hardball. Despite having already been given access to Voice, SMS and BIS, law enforcers have demanded that "Blackberry Enterprise Service(BES) and Blackberry Messenger Service (BMS) be made accessible to Law Enforcement Agencies by 31st August, 2010". Failure will likely mean a ban.
Now this is where things get a little complicated. RIM's statements to date have time and again reiterated the point that it cannot provide encryption keys to BES data because the individual corporate, not it, holds these keys. So what does this mean for users in the country, and the implications for all BlackBerry users?
It is likely, although by no means certain, that Indian authorities either want merely "access" to the data, rather than to decrypt it. This would mean they could monitor who is speaking to who, for example, without compromising the security architecture and is something RIM could possibly budge on. We shall see.
The problem in all of the affected countries is that they aren't being incredibly specific to the wider world about exactly what they're asking for. Interestingly, RIM has taken the clever PR tack of defending its BES architecture to the hilt, while being notably vague about its BIS services.
It is generally believed that RIM has an agreement with the US authorities which would compel it to deliver unencrypted BIS data to law enforcers in emergencies. It doesn't take a genius to work out that China, Russia and the UK, all of whom have remained notably silent throughout this, already have similar agreements, which would lead one to assume that RIM could budge on this issue.
Its most recent statement released in light of the Indian ultimatum said it would provide carriers with lawful access as long as: "The carriers' capabilities must be technology and vendor neutral, allowing no greater access to BlackBerry consumer services than the carriers and regulators already impose on RIM's competitors and other similar communications technology companies." Which is basically a green light to hand over access to BIS data.
So what should a CIO think of it all? Well, if you have staff in India, Saudi or the UAE using BIS, then you have the right to feel a little concerned that the authorities can, or may soon, have the ability to monitor your staff's unencrypted communications. As regards the BES side of things, it would be crazy to think any government would effectively ban the use of corporate BlackBerrys, given that it would send out a very regressive message to potential investors in the country and could effectively strangle business communications in the country.
However, CIOs globally are entitled to be a little nervous about the whole affair. As Forrester analyst Andrew Jaquith says, "How comfortable would you be, as an IT security manager, if you suspected (even erroneously) that e-mail could be intercepted by a half-dozen, or many, sovereign governments? Not very."
The latest smartphone stats show RIM is still making a healthy profit and taking market share, yet it will be looking nervously at its rivals and will surely see massive markets such as India as vital to future growth. Its response in the next few days will be crucial to its future, although having had the spotlight shone mercilessly on its potential dealings with governments over BIS data, the damage may already have been done.
13 Aug 2010
Browse posts by date
 | June 2012 |  | ||||
|---|---|---|---|---|---|---|
| Mon | Tue | Wed | Thu | Fri | Sat | Sun |
|---|
