German Chancellor's BlackBerry Likely Withstood NSA Tapping: Vendor
This means that the real question is did Chancellor Merkel discuss sensitive topics using unencrypted communications? The answer to that is unclear, but there's a good chance she may have. While Merkel's communications within NATO partners could have been encrypted, communications with others could not have been, at least not through the Secusmart encryption engine on her BlackBerry. Adding to this worry is the fact that the Secusmart encryption can be bypassed when users want to communicate outside of the secure environment. For example, if a user of a Secusmart-equipped BlackBerry wants to send email or text messages to someone who isn't using such a device, then those messages travel in the clear, and the NSA can listen in easily. In addition, the NSA has reportedly been listening in on Merkel's communications since long before she became Chancellor and long before Secusmart developed encryption for the BlackBerry. While her communications that took place within the framework of BlackBerry Messenger and BlackBerry Enterprise Server may still have protected her messages, that would depend on whether or not she used a BlackBerry, which she likely did. But it's still likely that many, if not all, of her messages were recorded by the NSA, even if the agency failed to do so over the last few months of 2013. "At the end of the day, users bear the responsibility for their own security. As long as they communicate from the secure area of their phone, they are completely protected from espionage attacks," Quelle said. And therein lies the problem, not just for the Chancellor, but for everyone who communicates sensitive information.What this means is that information must be protected at all stages of its existence, from the place where it's created, to the networks over which it travels, to the place where it's kept safe for backup. The NSA isn't the only group that's trying to take your data, after all. There's also everyone from the Chinese government to cyber-criminals who want your data either for competitive reasons, or to use the information to commit crimes. While you probably don't want the NSA combing through your databases and emails, you don't want random strangers doing so either.
The failure to protect critical data has been behind nearly all of the breaches of sensitive information. While most companies don't deal in national security, they do routinely handle personally identifiable information ranging from credit card numbers to health data. When this information is compromised, it's almost always due to a failure at some point to protect it.