Research In Motion has offered to lead an industry forum in India focused on supporting the lawful access needs of law enforcement agencies, while preserving the legitimate information security needs of corporations and other organizations in India, RIM said Thursday.
RIM did not specify the other members of the industry forum and how it proposes to address India’s threat to shut down some BlackBerry services by Tuesday unless the company provides law enforcement agencies access to its instant messaging service and its enterprise service.
Minister of State for Communications and IT Sachin Pilot earlier in the day told the upper house of India’s Parliament that the country may ban BlackBerry services unless a technical solution for the interception and monitoring of BlackBerry services in readable format is made available to law enforcement agencies by Tuesday.
Indian government officials were not immediately available to comment on the RIM statement.
The industry forum proposed by RIM will work closely with the Indian government and focus on developing recommendations for policies and processes aimed at preventing the misuse of strong encryption technologies while preserving its many societal benefits in India, RIM said.
Communications services with strong encryption are used by terrorists to plan attacks, according to Indian security agencies.
Banning such strong encryption-based information and communications services would severely limit the effectiveness and productivity of India’s corporations, RIM said.
RIM also said it does not possess a “master key,” nor does any “back door” exist in the system that would allow RIM or any third party, under any circumstances, to gain access to encrypted corporate information. The BlackBerry security architecture for enterprise customers was purposely designed to exclude the capability for RIM or any third party to read encrypted information, it said. RIM would simply be unable to accommodate any request for a copy of a customer’s encryption key since at no time does RIM ever possess a copy of the key, it added.
Locating BlackBerry infrastructure in a particular geography does not in any way aid or offer access to the encrypted information that flows through the BlackBerry infrastructure, RIM said in a reference to reports that the company may locate a communications server in India to enable monitoring by security agencies.
In a customer update earlier this month, RIM gave a clue as to how far it is willing to compromise with the Indian government, according to analysts.
Setting out conditions for any capabilities it provides to carriers for “lawful” access purposes, RIM said that carriers’ capabilities should “be limited to the strict context of lawful access and national security requirements as governed by the country’s judicial oversight and rules of law.”
Indian law allows the government to demand from carriers the right to monitor communications under certain conditions, including by providing the keys for their decryption.
RIM however indicated in the customer update that it was less likely to give in on its enterprise service, which seems to have emerged as a sticking point in the negotiations between India and the company. Contrary to any rumors, the security architecture is the same around the world and RIM truly has no ability to provide its customers’ encryption keys, the company said in that note to customers.