BlackBerry Ltd. is defending itself in light of revelations that it had given the RCMP the global encryption key to its personal devices.
In an official blog post attributed to company chief executive John Chen, the company justified its actions, saying that it complied with a “reasonable lawful access request” in providing the key to Canadian police.
Calling the revelations “an old case that recently resurfaced in the news,” the mobility company claimed that the investigation of the 2011 murder of mafia leader Sal “the Ironworker” Montagna — which led to seven convictions last month — resulted in “a major criminal organization being dismantled.”
“I can reaffirm that we stood by our lawful access principles,” Chen wrote.
However, the blog does not mention the words “global encryption key” for BlackBerry devices, which an investigation has revealed has been in the RCMP’s possession as far back as 2010.
The key, which is used in every consumer BlackBerry device, is capable of unlocking virtually any BlackBerry message between devices. Corporate phones, such as those used by enterprise and government employees on the company’s Business Enterprise Server (BES), have custom encryption keys, and do not seem to be affected at this time.
Chen pointed out that BES is still “the most secure mobile platform for managing all mobile devices.”
Court documents involved in the trial that were made public indicate “over one million” BlackBerry messages were decrypted during a period between 2010 and 2012.
It is unclear what the RCMP has done with the key following this investigation — Vice News reports that the federal investigators and BlackBerry both both fought to keep details of their relationship sealed. The key can theoretically still to be used to snoop on non-corporate devices around the world.
In November, BlackBerry was ordered to leave Pakistan after denying government access to its servers.
“I have stated before that we are indeed in a dark place when companies put their reputations above the greater good,” Chen said, in an apparent dig at Apple in its refusal to unlock the San Bernardino iPhone for the FBI.
Read the full comment below.
Lawful Access, Corporate Citizenship and Doing What’s Right
Protecting customer privacy is a core BlackBerry principle
When it comes to doing the right thing in difficult situations, BlackBerry’s guiding principle has been to do what is right for the citizenry, within legal and ethical boundaries. We have long been clear in our stance that tech companies as good corporate citizens should comply with reasonable lawful access requests. I have stated before that we are indeed in a dark place when companies put their reputations above the greater good.
This very belief was put to the test in an old case that recently resurfaced in the news, which speculated on and challenged BlackBerry’s corporate and ethical principles. In the end, the case resulted in a major criminal organization being dismantled. Regarding BlackBerry’s assistance, I can reaffirm that we stood by our lawful access principles. Furthermore, at no point was BlackBerry’s BES server involved. Our BES continues to be impenetrable – also without the ability for backdoor access – and is the most secure mobile platform for managing all mobile devices. That’s why we are the gold standard in government and enterprise-grade security.
For BlackBerry, there is a balance between doing what’s right, such as helping to apprehend criminals, and preventing government abuse of invading citizen’s privacy, including when we refused to give Pakistan access to our servers. We have been able to find this balance even as governments have pressured us to change our ethical grounds. Despite these pressures, our position has been unwavering and our actions are proof we commit to these principles.