RIM says it can’t provide e-mail interception in India

BANGALORE, INDIA – Research In Motion (RIM) has said it is unable to give the Indian government access to messages sent by its enterprise clients over the BlackBerry service.

The BlackBerry security architecture for enterprise customers is specially designed to exclude the capability for RIM or any third party to read encrypted information under any circumstances, the company said in an update to its Indian customers this week.

For enterprise customers, the security architecture is based on a symmetric key system whereby the customer creates his own key, and only the customer possesses a copy of his encryption key, RIM said. The company does not possess a “master key”, nor does any “back door” exist in the system that would allow RIM or any third party to gain unauthorized access to the key or corporate data, it said.

Further, RIM would be unable to accommodate any request for a copy of an enterprise customer’s encryption key, as neither RIM nor any wireless network operator possess a copy of the key, it said.

RIM also offers a separate product for individual customers, BlackBerry Internet Service, hosted by telecommunications operators. It did not comment on that service Monday, and a spokesman was unsure whether carriers offering such a service would have access to the security keys.

The Indian government had refused to allow an Indian network operator, Tata Teleservices, to offer BlackBerry services until the government was able to intercept BlackBerry messages for security reasons. Other mobile service providers, who were already offering the BlackBerry service, were also asked to introduce measures that would allow the government to intercept and read BlackBerry messages whenever necessary.

Governments have a wide range of resources and methodologies to satisfy national security and law enforcement needs without compromising commercial security requirements, RIM said.

The use of strong encryption in wireless technology is not unique to the BlackBerry platform, and is a mandatory requirement for all enterprise-class wireless e-mail services, it added.

Government sources were not immediately available for comment. Discussions between RIM and the government continue, according to informed sources.

Related Download
A Guide to Print Security for Canadian Organizations Sponsor: HP
A Guide to Print Security for Canadian Organizations
IT security vulnerabilities are a growing cause for concern for organizations trying to protect their data from printer breaches.
Register Now