Last week, BlackBerry came under fire after a report found the Royal Canadian Mounted Police to have had access to the company’s global encryption key since 2010. In response, CEO John Chen sought to redirect the focus of the story to how BlackBerry’s assistance provided to the Canadian police brought down two criminal organizations.
The joint investigative report, by Motherboard and Vice, gave a glimpse of what transpired behind courtroom doors during a case called Project Clemenza, which revolved around a 2011 gangland murder. It revealed that BlackBerry decrypted about “one million PIN-to-PIN” messages in connection with the investigation, thanks to a global encryption key. It is unclear who provided the key.
In a blog post titled “Lawful Access, Corporate Citizenship, and Doing What’s Right,” Chen writes BlackBerry has always chosen to do the right thing for “the citizenry,” within legal and ethical boundaries.
“We have long been clear in our stance that tech companies as good corporate citizens should comply with reasonable lawful access requests,” Chen said. “I have stated before that we are indeed in a dark place when companies put their reputations above the greater good.”
“We have been able to find this balance even as governments have pressured us to change our ethical grounds.”
Chen says the company stood by its lawful access principles for the case, and said that BlackBerry’s Enterprise Server (BES) was never involved in the investigation. In fact, Motherboard’s report says the global encryption key unlocks all messages sent between consumer phones that uses PIN-to-PIN messages, but BES allows companies to have their own encryption key, and BlackBerry can’t access that.
“The defense in the case surmised that the RCMP must have used the ‘correct global encryption key,’ since any attempt to apply a key other than BlackBerry’s own global encryption key would have resulted in a garbled mess,” according to Motherboard.
Regardless, Chen mentions BES, and how it remains the “gold standard in government and enterprise-grade security.”
“Our BES continues to be impenetrable — also without the ability for backdoor access — and is the most secure mobile platform for managing all mobile devices,” he writes.
The news of BlackBerry’s aid in the 2010 Canadian investigation comes at a time when Apple is still fighting the FBI’s requests for the Cupertino company to create a backdoor into the iPhone. Apple believes doing so would threaten the security and privacy of all of the company’s consumers, and would also cause it to lose public trust.
When the defense team on the case asked for more information about how the prosecutors got access to the key, the prosecution reiterated that BlackBerry’s cooperation should remain private, as any revelations could have a negative commercial impact on the company, and could compromise the police’s relationship with BlackBerry.
But the company isn’t offering access to just any government that requests it — Chen highlighted how Blackberry nearly exited the Pakistani market after the government requested access into BES email and messaging content. The company decided to stay in the country after Pakistan dropped its request thanks to “productive discussions.”
“We have been able to find this balance even as governments have pressured us to change our ethical grounds,” Chen said. “Despite these pressures, our position has been unwavering and our actions are proof we commit to these principles.”
There’s still no official word or comment about the global encryption key, and who provided it to the Canadian police.
