Telco Hall of Shame: Blackberry
2:51pm | 1 February 2013 | by Access Team, English
Inductee: Blackberry, formerly Research in Motion (RIM)
CEO: Thorsten Heins and the Executive Team
Countries of Operation: Canada, USA, France, Germany, Italy, Spain, UK, Austria, Turkey, Russia, Australia, Hong Kong, Singapore, Indonesia, South Africa, Mexico, Brazil, Uruguay, Argentina, Netherlands, Belgium, Italy, Poland, Sweden, Ukraine, Kenya, Nigeria, Saudia Arabia, UAE, India, China, South Korea, and Japan. (http://www.rim.com/company/maps/)
HUMAN RIGHTS POLICY
Blackberry outlines its human rights policy regarding cooperation with law enforcement agencies:
- “The carriers’ capabilities are limited to the strict context of lawful access and national security requirements as governed by the country’s judicial oversight and rules of law.
- The carriers’ capabilities must be technology- and vendor-neutral, allowing no greater access to BlackBerry consumer services than the carriers and regulators already impose on RIM’s competitors and other similar communications technology companies.
- No changes to the security architecture for BlackBerry Enterprise Server customers since, contrary to any rumors, the security architecture is the same around the world and RIM truly has no ability to provide its customers’ encryption keys.
- Also driving RIM’s position is the fact that strong encryption is a fundamental commercial requirement for any country to attract and maintain international business anyway and similarly strong encryption is currently used pervasively in traditional VPNs on both wired and wireless networks in order to protect corporate and government communications.
- RIM maintains a consistent global standard for lawful access requirements that does not include special deals for specific countries.”
Blackberry also outlines its content filtering policy:
“Content filtering refers to the ability to remove access to inappropriate and/or illegal Internet–based content. While often applied in the home or in a business to screen inappropriate content such as malware or pornography, content filtering requirements are generally established by national governments or voluntarily in many countries by Internet service providers, including telecom carriers. RIM is not an Internet service provider. Like our competitors, we support our carrier partners around the world to meet their obligations or commitments by working with them to ensure the availability of appropriate content filtering solutions for BlackBerry smartphones.”
Allegations of interception in China
In 2006, Blackberry began offering email service in China. Numerous reports at the time and since have speculated on the company’s cooperation with Chinese authorities and the government’s ability to intercept communications. In 2010 an unnamed representative of China Mobile was quoted saying, “If someone, like government departments, want to monitor [a] message, they can do it.”
Handing the FSB the the encryption keys in Russia
In 2007, RIM provided its encryption keys to Mobile TeleSystems (Мобильные Телесистемы), Russia’s largest mobile network operator. Mobile TeleSystems reportedly then turned over those keys to the Russian Federal Security Service, or FSB.
Hosting servers in Saudi Arabia
In 2010, in response to a state ban on Blackberry encrypted messaging, web surfing, text, and email, RIM announced plans to locate three servers in the kingdom, one for each mobile network operator. The location of the servers in Saudi Arabia places user data traversing those servers under Saudi legal jurisdiction.
Extrajudicial data requests in the UAE
In 2010, the United Arab Emirates threatened to ban Blackberry services, citing jurisdictional issues. Because RIM’s secure servers are located outside the UAE, authorities would have been unable to compel the company to turn over user data in ‘instances of national security.’ However, the proposed ban was later lifted, suggesting Blackberry had begun cooperating with authorities on data requests. In 2011, the UAE limited access to Blackberry’s most-secure encrypted enterprise services to businesses with more than 20 employees, prompting speculation that the government wished to more easily intercept activists and journalist communications.
“Turn off the internet”
In 2010, the founder and CEO of RIM was quoted in an an interview with the Wall Street Journal suggesting countries that objected to their citizens communicating via encrypted messaging should turn off the internet. “Everything on the Internet is encrypted. This is not a BlackBerry-only issue. If they can't deal with the Internet, they should shut it off," said Michael Lazaridis.
Assisting police in England riots
In 2011, Blackberry offered unspecified assistance to the British authorities following the London riots. Some speculate this was to help police correlate location tracking with CCTV footage to identify rioters.
Filtering content in Kuwait
In 2010, the International Business Times reported that RIM had agreed to filtering in Kuwait, blocking access to roughly 3,000 pornographic websites.
Filtering content in Indonesia
In 2011, RIM agreed to implement filtering for pornographic content in Indonesia. Indonesian authorities had also requested Blackberry establish a server in the country in order to facilitate interception of encrypted information; however it appears the company ultimately chose locate those servers in a ‘regional’ center in nearby Singapore.
Handing India the encryption keys
In August of 2012, the Indian media reported that Blackberry had ended a ‘four year standoff’ with Indian authorities, providing Indian law enforcement with the capacity to intercept and decrypt user messages and email. According to RIM, corporate ‘enterprise’ accounts would remain encrypted and inaccessible to law enforcement agencies. However, India’s Economic Times reported that all emails, including enterprise accounts, would be accessible to officials, a claim RIM denied.
Know something about Blackberry that we missed? Let our telco policy expert Peter Micek know at email@example.com | Public Key: 0x22510994