RIM Resists Saudi Demand To Break BlackBerry Encryption
The BlackBerry maker seems willing to let the Saudi government shut down Messenger rather than compromise the security of its mobile service
BlackBerry maker Research in Motion had last ditch talks with the government of Saudi Arabia yesterday in an effort to forestall an order to shut down parts of the BlackBerry wireless service, particularly its text messaging. But at this point, neither side has given an inch.
In fact, RIM has sent a letter to its customers in regions affected by threatened shutdowns saying that the company “assures customers that it will not compromise the integrity and security of the BlackBerry Enterprise Solution.”
In a separate statement provided to eWEEK by RIM, the company said “The BlackBerry enterprise solution was designed to preclude RIM or any third party from reading encrypted information under any circumstances.” In its statement to eWEEK, the company pointed out that its encryption method requires that the user create the key, and that neither RIM nor any carrier ever has possession of it. Because of this, it’s impossible for RIM to open up the encryption for the convenience of the Saudi government or anyone else.
BlackBerry service blocked
Meanwhile, in its letter to its owners, RIM said that governments have the resources at their disposal to gather this information without requiring it from RIM. The Saudi government, as is the case with authoritarian regimes everywhere, is unhappy about this, claiming that people might commit crimes using their BlackBerries. This is similar to concerns expressed by the governments of India, Indonesia and Dubai.
The Saudi government, in a statement released to eWEEK by the embassy press office in Washington, casts the problem as a licensing issue. The statement notes that the government’s Communications and Information Technology Commission notified carriers in the country that RIM was not in compliance with its regulations a year ago. Now, according to the statement, the government has requested the three carriers of BlackBerry devices block those services by 7 August.
The Saudi Press Agency is quoting CITC as saying “it’s keen on prompting telecom companies to provide the latest communication services in conformity with license requirements.” Those license requirements include allowing the Saudi government to monitor the content of all communications, including by providing keys to encryption – something that RIM says it is unable to do.
Alienating Western businesses
RIM’s position is that its commercial customers depend on strong encryption, and that RIM plans to deliver it. As the company points out, RIM’s security is strong enough that it’s a preferred choice for a vast number of enterprises and governments, including the government of Saudi Arabia. Leaving aside for a moment the question of whether the government itself is prepared to let its own communications be unencrypted, the first question that comes to mind is why these governments are so willing to alienate Western businesses that depend on the confidentiality of their communications.