Research in Motion, the company behind the BlackBerry, has issued corrections to reports that the company has given the Indian government the encryption keys to its secure corporate email and messaging services. RIM’s problems with the Indian government over data encryption has been ongoing since at least 2010, when rumors of a BlackBerry ban were being circulated.
BlackBerry Enterprise Server
RIM’s clarification was necessary because the Canadian company essentially provides two types of services: consumer and business/enterprise. Reports relating to the handing over of encryption keys to the Indian government are limited to the former.
For BlackBerry Enterprise Server (BES), the company has reiterated, time and again, that it has no control over the encryption keys:
RIM, which has been grappling with the Indian government for years, reiterated that it cannot provide access to its enterprise email and messaging services as the company itself does not possess the encryption keys for the same and these remain in the control of its corporate clients. [economictimes.indiatimes.com]
On the other hand, the RIM is in charge of the encryption keys being used in the consumer space. After all, it’s not expected (nor desirable) to get an average consumers to set up their own BlackBerry servers in order to get their phone to work. As such it makes sense that the creators of the BlackBerry can
[provide] an appropriate lawful access solution that enables India’s telecom operators to be legally compliant with respect to their BlackBerry consumer traffic, to the same degree as other smartphone providers in India, but this does not extend to secure BlackBerry enterprise communications [economictimes.indiatimes.com]
Mobile Encryption Works
The Indian government, however, has an answer to the “BES problem”: they’re asking companies that do business in India to set up their servers within Indian territories. This way, getting their hands on encryption keys becomes unnecessary, as serving a warrant would suffice.
This is just another indicator that, contrary to claims from know-it-alls, encryption really does work. Which is good news for people who are joining the BYOD trend.