By Rishabh Prasad:
In 2002, a Canadian company Research in Motion (RIM) released a smartphone BlackBerry, which supported push e-mail, mobile telephone, text messaging, internet faxing, web browsing and other wireless information services as well as a multi-touch interface. One of the most significant features of this smartphone was its extreme security in messaging through advanced encryption techniques. This extreme security implemented by BlackBerry services is now in news for risking national security in some of its fastest growing markets like UAE, Saudi Arabia and India.
UAE, Saudi Arabia, India and Pakistan have all voiced similar concerns over wanting to be able to monitor Blackberry’s encrypted text messaging for national security reasons. Western critics have been hammering these countries for infringing citizens’ rights.
BlackBerry has a higher level of encryption that doesn’t allow monitoring of enterprise email (email run for companies) and messenger services. According to DoT (Department of Telecomm) guidelines, “Individuals/groups/organizations are permitted to use encryption up to 40 bit key length without having to obtain permission from the licensor. If encryption equipment higher than this limit is deployed then shall do so with prior written permission of the licensor and deposit the decryption key, split into two parts, with the licensor.” A senior DoT official told,” In case of BlackBerry, the level of encryption is much higher and very complex. The government has not given has not given permission to any operator to start services without setting up server.”
In its statement, the company explained that data on its BlackBerry Enterprise Server network is encrypted so that no one, not even RIM, can access it. RIM added that it would be unable to “accommodate any request for a copy of a customer’s encryption key since at no time does RIM, or any wireless network operator, ever possess a copy of the key.” But the home ministry made it clear that BlackBerry messenger and encrypted email is bound to face a ban in India if the company is not able to provide a decryption solution to the government.
A solution to the national security problem, as proposed by the Department of Telecommunication, was that RIM can shift the servers for the Indian network to India or create copies of data sent over Indian networks, archive it for six months, and give access to those copies to the Indian Government. However, once again, RIM could not grant this request as it was either unfeasible for the company or it compromised their customers’ privacy and security.
To resolve matters, the National Security Advisor had been asked to offer a possible solution to this problem. After several meetings with the Indian government, RIM proposed that it could share the IP address of BlackBerry Enterprise Servers (BES) and the PIN (Personal Identity Number) and IMEI (International Mobile Equipment Identity) numbers of BlackBerry mobiles, a senior government official familiar with the discussions said, but added these were not sufficient. So finally, to end this face-off, RIM has agreed to provide manual access to the BlackBerry Messenger service from September 1 which would be upgraded to automatic access from November. RIM officials are also expected to explain how the Black Berry Enterprise Server operates to the security experts.
But the issue doesn’t get over. There is no clarity if RIM would be able to deliver on this technical solution. It remains strange that the government continued to turn a blind eye for the last so many years.
The writer is a Tech-Columnist at Youth Ki Awaaz.