BlackBerry maker Research In Motion had last ditch talks
with the government of Saudi Arabia
today in an effort to forestall an order to shut down parts of the BlackBerry
wireless service, particularly its text messaging. But at this point, neither
side has given an inch.
In fact, RIM has sent a letter to its customers in
regions affected by threatened shutdowns saying that the company "assures
customers that it will not compromise the integrity and security of the
BlackBerry Enterprise Solution."
In a separate statement provided to eWEEK by RIM, the
company said, "The BlackBerry enterprise solution was designed to preclude
RIM or any third party from reading encrypted information under any
circumstances." In its statement to eWEEK, the company pointed out that
its encryption method requires that the user create the key, and that neither
RIM nor any carrier ever has possession of it. Because of this, it's impossible
for RIM to open up the encryption for the convenience of the Saudi government
or anyone else.
Meanwhile, in its letter to its owners, RIM said that
governments have the resources at their disposal to gather this information
without requiring it from RIM. The Saudi government, as is the case with
authoritarian regimes everywhere, is unhappy about this, claiming that people
might commit crimes using their BlackBerrys. This is similar to concerns
expressed by the governments of India,
Indonesia and Dubai.
The Saudi government, in a statement released to eWEEK by
the embassy press office here in Washington,
casts the problem as a licensing issue. The statement notes that the government's
Communications and Information Technology Commission notified carriers in the
country that RIM was not in compliance with its regulations a year ago. Now,
according to the statement, the government has requested the three carriers of
BlackBerry devices block those services by Aug. 7.
The Saudi Press Agency is quoting CITC as saying, "It's
keen on prompting telecom companies to provide the latest communication
services in conformity with license requirements." Those license
requirements include allowing the Saudi government to monitor the content of
all communications, including by providing keys to encryption, something that
RIM says it is unable to do.
RIM's position is that its commercial customers depend on
strong encryption and that RIM plans to deliver it. As the company points out,
RIM's security is strong enough that it's a preferred choice for a vast number
of enterprises and governments, including the government of Saudi
Arabia. Leaving aside for a moment the
question of whether the government itself is prepared to let its own
communications be unencrypted, the first questions that come to mind is why
these governments are so willing to alienate Western businesses that depend on
the confidentiality of their communications.
{mospagebreak title=Saudi
Arabia Poised to Punish the Messenger}
In the case of Saudi
Arabia, the answer is probably that it doesn't
care. Remember, this is a government that some regard as, as totalitarian as
North Korea, and has approximately the same regard for human rights, except
that North Korea doesn't single out its women for slavelike status. Remember
also that this is a government that willingly allowed a school full of young
girls to burn to death rather than let them seek safety without having male
relatives to escort them. Human rights are clearly not a priority in Saudi
Arabia.
The real fear by the Saudi government is almost certainly
that human rights advocates might be able to communicate with each other. This
is, of course, a huge risk, since the free flow of information is the enemy of
despots everywhere.
The situation in Dubai
makes less sense. Here's a nation that's been seeking Western investment. It's
been trying to make itself seem to be the commercial hub of the Middle
East. But now, it wants to compromise the commercial activities of
the companies it wants to attract. By doing this, it gives those companies one
more reason to find some other place to do business.
And this isn't just because Western businesses want to
keep secrets. The fact is that they're required by their governments to keep
information protected, regardless of the desires of the governments that they
may travel through. If you're traveling through one of these countries, do you
think your compliance auditors are going to accept the Saudi government's
paranoia as an excuse for a security breach?
But realistically, this may not actually come to pass.
There are millions of BlackBerry users in each of these countries, and despite
the total disregard for the rights of their citizens, the Saudi government is
probably not in a position to say no to all those business users who will go
elsewhere if forced to do so by the government.
The same is even truer in Dubai,
which is desperate to attract business, especially given the worry caused by
the government's huge debt. That government has to choose whether to simply
give up on attracting Western companies or think of some other way to satisfy its
cultural worries. On the other hand, Dubai
has given RIM until October to come up with a solution. It's entirely possible
that the problem will quietly slip out of sight in the meantime.
RIM, unfortunately, is learning the truth about a saying
that is frequently heard here in Washington:
No good deed goes unpunished. RIM's good deed was making its devices as secure
as its customers needed them to be. Now the company is being punished for doing
its job too well.
Enterprise Mobility News & Reviews 
