Back in 2010, the Indian government set multiple deadlines for RIM to provide the government with access to encrypted BlackBerry communication or face a shutdown of BlackBerry services in the country. Those deadlines came and went, with RIM insisting that it has no back door that would let government authorities (or anybody else) decrypt and access communications on its BlackBerry Enterprise services. However, by the beginning of 2011 RIM had been working with the Indian government to provide access to consumer-level BlackBerry Messenger and BlackBerry Internet Services (BIS) email—and now the Wall Street Journal reports RIM is operating a small surveillance facility in Mumbai to process government requests for access to BlackBerry user communications.
According to the report, government officials must convince RIM they have enough legal justification to require access to a user’s messages before the company will cooperate. However, the Indian government still wants access to decrypted messages sent via BlackBerry Enterprise Services, and also wants to locate officials at RIM’s headquarters in Canada to facilitate getting surveillance requests to the company.
RIM has consistently claimed that it has no magical back door that would enable it to snoop on encrypted communications sent via BlackBerry Enterprise Server; when customers sign on to the service, they generate their own encryption keys, and the architecture of the service prevents RIM from ever having a copy of them. RIM insists that architecture is identical around the world, but has led some industry watchers to speculate governments might require companies using BlackBerry Enterprise services to hand their encryption keys over to the government to be able to lawfully use the services.
India isn’t the only country where RIM has seen government demands for access to its services: the United Arab Emirates, Saudi Arabia, and others have also demanded access to customer messages and threatened RIM with BlackBerry shutdowns. In each case so far, RIM has been able to work out agreements with the countries, although the details have never been disclosed and the Indian case is the first where RIM is believed to have set up a message surveillance center. In other cases, RIM is believes to have located BlackBerry servers within the country, rather than operating BlackBerry services off servers in North America and the United Kingdom.
RIM has not confirmed the existence of a monitoring center in India, so far telling media only that it as “delivered a solution” to the Indian government’s concerns.
Governments have insisted they need access to messages for security purposes, such as preventing attacks by militants and terrorists who might use encrypted communications to plan and coordinate attacks. However, critics have warned that some regimes might use communications access to suppress free speech and monitor activities of political opponents.
