Blackberry maker lists four criteria for lawful access to security architecture

Friday, August 13, 2010

TORONTO - A day after the Indian Government set an August 31 deadline to permit access to encrypted signals and messages, Research In Motion (RIM), the company that manufactures the Blackberry range of mobiles has said that four criteria need to be met before allowing lawful access to the security architecture of each mobile handset.


According to a Globe and Mail report, RIM issued a press release in which it confirmed for the first time that it does in fact provide certain capabilities to telecom carriers “for “lawful” access purposes.”

But the company quickly added that it “has drawn a firm line” by insisting any help it does give carriers be limited by four criteria:

That such capabilities “be limited to the strict context of lawful access and national security requirements as governed by the country’s judicial oversight and rules of law”

That the capabilities be “technology and vendor neutral,” effectively meaning that RIM won’t be subject to burdens its competitors aren’t also subject to

That RIM isn’t forced to change the fundamental security architecture behind its enterprise product

That RIM maintains a “global standard” for lawful access and makes no special deals with individual countries.

The company also reiterated that, “contrary to any rumours, the security architecture is the same around the world and RIM truly has no ability to provide its customers’ encryption keys.”

India’s Home Secretary G.K.Pillai, met with security and telecommunications agency representatives on Thursday and asked telecom carriers to make two BlackBerry services available to security officials by the end of the month.

One is the BlackBerry Enterprise server, which is RIM’s more secure product, used mainly by corporations, and the other is the BlackBerry Messenger Service, used by businesses and consumers alike.

“If a technical solution is not provided by 31st August, 2010, the government will review the position and take steps to block these two services from the network,” a Home Ministry statement said.

“The meeting also took note of the fact that the Blackberry services like Voice, SMS and BIS [RIM's consumer BlackBerrys] have been made available to Law Enforcement Agencies.”

For RIM, both requests from the Indian government represent different risks.

The company has repeatedly touted the security of its enterprise product, saying in a statement earlier this month: “The BlackBerry enterprise solution was designed to preclude RIM, or any third party, from reading encrypted information under any circumstances since RIM does not store or have access to the encrypted data.”

Acquiescing to the Indian government’s demand for access to enterprise communication would undermine that stance.

RIM is believed to be on the verge of reaching an agreement with authorities in Saudi Arabia - with the help of the Canadian government - to keep BlackBerry services running in the country, in exchange for giving Saudi authorities greater access to communication data.

Less is known about the state of talks with the Indian government. (ANI)

Filed under: Blackberry, World

will not be displayed