by Al Sacco

RIM: We STILL Can’t Access Encrypted BlackBerry Data (We Pinky Swear!)

Aug 06, 20122 mins
MobileSecuritySmall and Medium Business

BlackBerry-maker RIM released a statement last week to refute recent reports that suggest the company granted access to encrypted corporate data to the Indian government. RIM has repeatedly stated that it simply cannot grant such access, but some media outlets just aren't getting the message.

Despite recent news reports to the contrary, RIM has not finally figured out a way to share encrypted BlackBerry Enterprise Server (BES) data with the Indian government. I’m not sure how many times RIM needs explain that data encrypted via BES can only be decrypted by the BES admins who encrypted it—or someone with the associated encryption keys.


But apparently the BlackBerry-maker needed to make itself clear one more time. As such, it released a new statement in response to a recent report from The Economic Times, entitled “BlackBerry maker Research In Motion agrees to hand over encryption keys to India.”

From RIM:

“RIM is providing an appropriate lawful access solution that enables India’s telecom operators to be legally compliant with respect to their BlackBerry consumer traffic, to the same degree as other smartphone providers in India, but this does not extend to secure BlackBerry enterprise communications. As we have stated on several occasions, and as we have set out in our company’s Lawful Access Principles, RIM cannot access information encrypted through BlackBerry Enterprise Server as RIM is not ever in possession of the encryption keys. “

RIM has been working with the Indian government for yearsto find a compromise that meets India’s desire to access BlackBerry communications from RIM smartphone users in India, and it has repeatedly said it would do everything possible to appease the government. BUT IT CANNOT ACCESS ENCRYPTED BES DATA. Really. It can’t.

I hope this Economic Times report is the last inaccurate story I read on the subject, but something tells me it won’t be.