RIM proposes crypto forum to dodge India BlackBerry ban

RIM has prosed that an industry forum be established to help governments manage lawful intercept, in the hope of forestalling India's threatened ban.


The proposed body would be led by RIM, but the company is clearly hoping that others will join in. There's strength in numbers and India has made it clear that Skype and Google are next in the firing line, so RIM would like such powerful allies at the table beside them rather than watching from the sidelines. But it remains to be seen if that's enough to stop India pulling the plug on Wednesday.

India isn't the first government to demand access to messages encrypted by RIMs servers, but its demands do seem to go further than other countries in a similar situation, and that might make resolving the issue impossible.

Many governments resent not being able to intercept messages destined for BlackBerry handsets. The UAE and Saudi Arabia both threatened bans on BlackBerry devices unless some sort of lawful intercept was arranged, and both backed down after coming to an agreement with RIM.


But India's demands are more intrusive and less palatable to the Canadian company behind the BlackBerry service, which might mean a million Indians lose connectivity next Wednesday.
There are two distinct kinds of BlackBerry user: employees of a company that runs its own BlackBerry Enterprise Server, and ordinary members of the public who buy a BlackBerry handset and sign up to the service, then forward their existing email accounts to one provided and hosted by RIM.


It's those members of the public that have been the focus up to this point, as emails sent to the RIM-hosted BES are encrypted before being forwarded to the handset. That encryption is, in this context, unbreakable, but if you get a copy of the message before it's encrypted then there's no problem. If the server is located in a friendly country then that can be arranged - lawful intercept will permit the government to copy messages just like every other email service. But if the server is in a less agreeable country then it gets more difficult.


This is exactly the same as checking a Gmail account over an SSL connection, which is why RIM is hoping companies like Google will join its new body.


"Singling out and banning one solution, such as the BlackBerry solution, would be ineffective and counter-productive," RIM said. "It would be ineffective because anyone perpetrating the misuse of the technology would continue to have easy access to other wireless and wireline services that utilize strong encryption and are readily available in the market today."

More @ http://www.theregister.co.uk/2010/08/27/rim_india/