Search
Close this search box.

BlackBerry Security Stance Sows Anxiety


The 2008 terrorist attacks in Mumbai heightened concerns in India over the government’s inability to eavesdrop on encrypted communications. In the United Arab Emirates, similar concerns escalated this year after a Palestinian operative was killed in a hotel in Dubai, possibly by a team from the Mossad, the Israeli intelligence agency.

In both countries, those concerns have crystalized into a battle with Research In Motion, the Canadian maker of BlackBerry smartphones, over whether and how their governments can gain access to messages that flow over the BlackBerry network. And the dispute has put a spotlight on the challenges faced by many governments in monitoring communications services with global reach.

Last week the Emirates threatened to block BlackBerry’s e-mail and instant messaging services in that country unless R.I.M. created back doors to allow officials to eavesdrop on the company’s customers. Saudi Arabia has made a similar threat, and news reports over the weekend suggested that a deal had been made, but it was unclear what any deal might involve. Lebanon has also raised concerns. Indian officials have been negotiating with R.I.M. over access to BlackBerry messages for a couple of weeks.

Although it is unclear precisely what these countries are asking for, one demand is for the same kind of access to BlackBerry’s encrypted services that they think the company already gives authorities in the United States and other industrialized democracies.

“I don’t think the concerns raised by India are out of the ordinary,” Sachin Pilot, the country’s junior minister for communications and information technology, said in a phone interview. “Most countries in the Western world have raised the issues and to the best of my information — and I am willing to be corrected — their concerns have been addressed.”

R.I.M. officials flatly denied last week that the company had cut deals with certain countries to grant authorities special access to the BlackBerry system. They also said R.I.M. would not compromise the security of its system.

At the same time, R.I.M. says it complies with regulatory requirements around the world.

But the company, which is generally known for its secrecy, has declined to provide details on its discussions with governments or to explain how it complies with laws around the world that require communications companies to grant government agencies access to their systems for lawful intercepts. This has kept alive suspicions in some foreign capitals and among computer security experts in the United States that R.I.M. has made concessions to some countries.

“There are all kinds of rumors that various deals have been struck around the world, including in the United States, but we don’t know what those deals are,” said Leslie Harris, chief executive of the Center for Democracy and Technology, which is based in Washington, and a board member of the Global Network Initiative, a coalition of companies and nonprofit groups that seeks to protect privacy and free expression on the Internet.

Speaking privately, several United States law enforcement and security officials would not say whether the government has a way to decrypt BlackBerry messages, explaining that they were reluctant to divulge whether any particular service posed difficulties. But there has been little public sign of law enforcement frustration with BlackBerry encryption.

The officials said that law-enforcement agencies in the United States had an advantage over their counterparts overseas because many of the most popular e-mail services — Gmail, Hotmail and Yahoo — are based here, and so are subject to court orders. That means the government can often see messages in unencrypted forms, even if sent from a BlackBerry. In addition, officials said that in emergencies, when lives might be in danger, they sometimes sought the voluntary assistance of companies, including those outside the United States.

David Szuchman, the chief of the cybercrime and identity theft bureau at the Manhattan district attorney’s office, said investigators occasionally obtained from R.I.M. logs of Internet protocol addresses associated with e-mails sent through the BlackBerry system, but they were unable to obtain the contents of the e-mails from the company.

Security experts say that BlackBerry’s system, while secure, is susceptible to eavesdropping. Some even say that its design allows companies, and potentially governments, to monitor messages, though not necessarily with R.I.M.’s cooperation.

Most experts say R.I.M.’s service for consumers is not at issue, because the messages are largely unencrypted and easy for governments to intercept.

(Read More: NY Times)



One Response

Leave a Reply


Popular Posts