BlackBerry has made a fresh attempt to break the deadlock over its services in India by offering “metadata” and relevant information to security agencies which will enable them in lawful interception of e-mails and SMSes.
According to minutes of the meeting between government officials and Canadian firm Research in Motion (RIM), makers of BlackBerry, RIM representatives said that the mobile device sends encrypted e-mail which is sent to BlackBerry Enterprise Server (BES) located with the service provider. BES then decrypts the messages and sends it to the e-mail server of the service provider, where it remains stored in decrypted form. Then the message is pushed to the BlackBerry device in encrypted form.
After some persuasion, the representatives agreed that “they can provide the metadata of the message like Internet Protocol address of BES and PIN and International Mobile Equipment Identity of the BlackBerry mobile,” sources said.
Metadata is loosely defined as data about data. It provides information about a certain item’s content like how large the picture is, the colour depth, the image resolution, when the image was created, and other data. A text document’s metadata may contain information about how long the document is, who the author is, when the document was written, and a short summary of the document.
However, the sources said RIM, which has nearly one million subscribers in India, failed to enthuse the security agencies who want an uninterrupted access to the messaging services on BlackBerry platform.
The security agencies apprehend that BlackBerry services in the present format could pose a serious security threat.
The government had said the onus of giving access to security agencies to monitor the information on these smartphones lies with the service providers. According to the licensing conditions, the service providers are liable to put in a mechanism to allow the security agencies to intercept any conversation or message of any subscriber whenever required.
As telecom service providers like Airtel, Vodafone, RCom, the Tatas and the government-run BSNL and MTNL are offering BlackBerry services, it is the responsibility of these operators to ensure that the security agencies get access to all services they offer.
RIM had said in a statement earlier that “We told the service providers in categorical terms that the government will allow them to offer those services which could be intercepted by the security agencies. If any service is not allowed to be intercepted, we will not allow them to run such services.”
While expressing its inability to share access, RIM had said that the security architecture for its enterprise customers is based on a symmetric key system whereby the customers create their own key and only they possess the copy of the encryption.
RIM, which operates in 175 countries, said, “While RIM does not disclose confidential discussions that take place with any government, RIM assures its customers that it is committed to delivering highly secure and innovative products that satisfy the needs of both customers and governments.”
Recently, the UAE and Saudi Arabia barred BlackBerry services due to security risks.
