Canada’s Research in Motion and the Indian government may be headed for a showdown that could see BlackBerry services in India shut down. The Indian government has demanded that authorities be granted access to encrypted BlackBerry communications, out of concern the technology could be used by militants and terrorists to plot attacks. RIM has been working with the Indian government to resolve the issue, and the Indian government has repeatedly extended the deadline by which RIM’s services must comply with its requirements. However, the current deadline is still January 31, 2011, and while RIM has come up with a way for Indian officials to tap into decrypted messages on its consumer BlackBerry Messenger service, RIM has remained steadfast that there is no magic back door that will enable it to grant the Indian government access to encrypted enterprise email, although it has also said it wants to work with the Indian government to resolve the issue.
RIM’s consistent assertion that it cannot offer access to BlackBerry services for enterprise means the next move is up to Indian regulators: will they carry through on their threats to shut down BlackBerry service if RIM doesn’t comply, will the accept RIM’s efforts to-date as good enough, or will they require RIM to modify its service so there is a backdoor that can be exploited by authorities—and, potentially, others—to tap into secure communications?
India’s concerns that secure communications can be exploited by terrorists and others are rooted in part in the 2008 Mumbai terror attacks that killed more than 150 people. The attacks were carried out and coordinated in part using mobile phone and satellite phone technologies. However, banning BlackBerry service—and imposing access requirements on other communications mediums—may stunt India’s burgeoning high technology industries. It would also, obviously, damage RIM’s position in the Indian market, creating an opportunity for other players that are able to comply with the government’s requirements.
RIM’s assertion that there is no backdoor to its enterprise communications rests on the public-key encryption methodology used by the service. The keys used to encrypt the communications are known only to the account-holders themselves, and are never available to RIM: although RIM is apparently willing to enable governments to tap into decrypted communications, in this case it has no means for doing so. Some industry speculation has had authorities in India (and other countries) looking to legislate or impose technical requirements that users of public key encryption services turn over their private keys to the government in order to be able to use the services.
- The best encrypted messaging apps for iOS and Android
- Garmin reportedly used decryption key, may have paid ransom after cyberattack
- LastPass vs. 1Password
- Google Drive vs. Dropbox
- What is the EARN IT Act? The bill that has privacy advocates worried, explained