updated 01:40 pm EDT, Fri August 13, 2010
RIM guidelines explain BlackBerry snoop limits
RIM today posted a set of guidelines that it said would dictate the limits of how countries such as India could monitor its services. The BlackBerry maker would refuse to grant access beyond what's legally required by a local government. Any monitoring would similarly have to be "technology and vendor neutral" and wouldn't grant any special access to a BlackBerry that isn't present on an iPhone or similar device.
The terms further echo RIM's hard lines on technical abilities and consistency. It will refuse any changes to how BlackBerry Enterprise Server works as the nature of the system prevents special access. Since all data is the same and puts the encryption keys only in the hands of those involved in a conversation, RIM can't offer a backdoor or treat servers differently in a given country.
RIM won't make special deals for countries, it reiterated.
The statements contradict rumors today [sub. required] that RIM will have a special exception in place for India before its August 31 deadline or for other countries requesting spying access, such as Saudi Arabia and the UAE. An anonymous Indian official had insisted a RIM team would be visiting next week to test a system that would work around the restrictions.
Combined, the guidelines and pressure from foreign governments could lead to a major setback for RIM's attempts to hold on to market share. Combined, India and the Middle Eastern states account for millions of current and potential customers that would either see a major reduction in BlackBerry serivces or would have to switch to Android, iPhone or another platform which doesn't automatically encrypt most data. RIM in its new rules and previous statements has signaled that it may be willing to sacrifice these markets as the principle of protecting confidential data was more important than allowing monitoring for security fears.
"Strong encryption is a fundamental commercial requirement for any country to attract and maintain international business anyway," it said. "Similarly strong encryption is currently used pervasively in traditional [virtual private networks] on both wired and wireless networks in order to protect corporate and government communications."