Canada’s Research in Motion has been under an increasing amount of pressure from international governments to provide security services with real-time access to encrypted BlackBerry communications. Although RIM has worked with governments to reach compromises—including likely locating BlackBerry servers within the borders of some countries rather than in overseas data centers—RIM has steadfastly maintained there is no major back door to its encrypted corporate services that it can open for lawful government access. Now, the United Arab Emirates—the country which first raised the specter of banned BlackBerry services if it couldn’t get access—is pushing ahead with restricting who is eligible to use BlackBerry encrypted services.
According to plans outlined earlier in April, the United Arab Emirates plans to restrict access to full-encrypted BlackBerry Enterprise services to companies with at least 20 user accounts. Firms and organizations with fewer accounts would be required to shift to BlackBerry Internet Service, which still provides access to email, calendaring, and other BlackBerry services, but which should be easier for authorities to monitor since the traffic moves over the standard Internet rather than via encrypted communications to gateway services.
Last year, the United Arab Emirates threatened to bar BlackBerry services entirely, claiming RIM’s practice of storing messages and other information in offshore data centers was illegal. Emirati mobile operator Etisalat sent notices to BlackBerry subscribers requiring them to install an “update” to access new features; RIM later identified the “update” as spyware that enabled Etisalat to monitor BlackBerry communications. A few months later, RIM reached an undisclosed arrangement with the UAE that enabled BlackBerry services to continue operation.
Governments’ concern over fully-encrypted communications provided by BlackBerry Enterprise stems from the possibility terrorists or militants could use the services to securely plan attacks and other destabilizing actions. Governments are demanding the ability to access mobile communications lawfully—in real time or near-real time—in order to combat potential threats. However, free speech and human rights activists have noted that many of the governments seeking access to secured services also suppress political speech and other content they deem harmful or blasphemous, and note that government access to secured communications could be used as a tool of repression. A back door to secured communications could also be accessed by clever attackers, or abused by corrupt officials.
RIM and other major Internet operators—like Nokia, Google, and Skype—face similar concerns in a number of countries, including India.
