BlackBerry is saying “no” to government backdoor access to communications on its services and devices, in actions that speak louder than words.
Earlier this week, BlackBerry announced it is shutting down its operations in Pakistan and will leave the country by 30 December, after refusing to provide Pakistan’s government with backdoor access to its customers’ communications.
Marty Beard, BlackBerry’s chief operating officer, wrote on the company’s blog that the Pakistan Telecommunications Authority told mobile phone operators in July that BlackBerry would no longer be allowed to operate in the country for “security reasons.”
Beard said that Pakistan wanted unfettered access to all emails, BBM messages and other Blackberry Enterprise Service (BES) traffic, but the company refused on principle:
... [R]emaining in Pakistan would have mean forfeiting our commitment to protect our users' privacy. That is a compromise we are not willing to make.
Beard stated unequivocally that BlackBerry does not support backdoors:
As we have said many times, we do not support "back doors" granting open access to our customers' information and have never done this anywhere in the world.
BlackBerry has long made statements to that effect, but the policy behind its message hasn’t always been so clear.
A few weeks ago, speaking at the FedTalks government IT summit, Beard said BlackBerry has a much more “balanced approach” to the issue of backdoors than some of their competitors who are “all about encryption all the way.”
Those comments were interpreted by some in the media as an endorsement for backdoors, such as The Inquirer’s Dave Neal, who wrote that “BlackBerry would be open to letting governments into its hardware and all over its encryption.”
Not so, BlackBerry says – the company is merely “happy to assist law enforcement agencies in investigations of criminal activity,” as Beard wrote in his blog post this week.
BlackBerry does have a somewhat checkered past when it comes to giving governments special access.
In 2012, BlackBerry (then called RIM) agreed to provide India’s government with a technical solution allowing it to intercept encrypted communications, including enterprise emails.
BlackBerry called it an “appropriate lawful access solution” rather than a backdoor.
The company faced scrutiny in 2013 after documents leaked by NSA contractor Edward Snowden revealed that the British intelligence agency GCHQ was able to “penetrate the security of BlackBerry smartphones” to intercept communications of government officials at the G20 summit in 2009.
As now, BlackBerry said in response to the Snowden leak that its policy on backdoors was “no backdoors.”
In 2014, BlackBerry again faced accusations that it had a backdoor in its products, due to its use of a faulty encryption algorithm developed by a BlackBerry subsidiary that was contracted by the NSA.
Again, BlackBerry issued a statement that its policy on backdoors is a strict “no.”
This time around, BlackBerry isn’t just saying the same line it’s used for the past three years – it’s walking away from a huge market in Pakistan.
Beard said this week Pakistan was “only” seeking access to its BES servers, but the government’s demand for access to a “significant swath” of its customers’ data left BlackBerry “no choice but to exit the country entirely.”
Originally, Pakistan ordered BlackBerry to shut down operations by 30 November, but has since extended the deadline to 30 December, and the company said it will pull up stakes by then.
BlackBerry’s official policy on backdoors may not have changed, but its actions in Pakistan are a strong affirmation of that policy in practice.