With the controversy regarding the sharing of confidential data to the Indian government by RIM and its secure BlackBerry servers still raging on, Indian security agencies seem to have hit upon another plan that is likely to create similar furore.
Indian security agencies have apparently, asked the Telecom Ministry to provide them with real time monitoring capability of services from Google, Skype and social networking tool Twitter. In fact, these are just a few amongst the long list of sites that have been asked to provide access to their servers so that the government agencies can look for incriminating stuff in there.
The country’s Minister of state for Communications and IT, Mr. Sachin Pilot had confirmed the news when he recently spoke at an AMD-Assocham event. He also confirmed that the government and companies in question were already in talks since the past six months and those they are still looking to find an apt solution to this issue which he says is a matter of national security.
As for BlackBerry, RIM has been provided a deadline of August 15 to comply with the governments demands or possibly face a ban. RIM, on the other hand continues to maintain that it is impossible for even them to monitor data sent through their own servers because of the kind of complex encoding they use. The Government fears that terrorists might use these highly secure channels to communicate amongst themselves and those intelligence agencies would not be able to track them
Do you mind the government snooping over your personal and social networking conversations – all in the name of national security?
You mention this: “RIM on the other hand continues to maintain that it is impossible for even them to monitor data sent through their own servers because of the kind of complex encoding they use.”
I would like to point out that this is not necessarily the consequence of complex coding (which I’m sure it is). This is primarily because of logistical issues.
The Blackberry Enterprise Server solution is installed on the provider’s premises. Therefore, if your company is providing you a Blackberry, the BES solution will be installed at the company itself. The encryption keys are managed on-venue at the BES. RIM has no control or jurisdiction over a provider’s installation of BES (at most- they can offer a software upgrade to enable a Government to get a tap into the system- but hey- who is going to upgrade to a *less* secure system?).
Google and other such providers have their software installs on their own premises, and as such, have complete control over the encryption keys. Therefore, anyone seeking Google data needs only to go to Google. Anyone seeking Blackberry protected data needs to approach the provider of the Blackberry directly. Sometimes, this can be your telecom provider, if your plan is through one of them (like Airtel, Vodafone, etc); or this can be your company, if you’ve got your Blackberry through them. Either way- this is a logistical nightmare for anyone seeking the data- they have to figure out who the provider is and go to them- not to RIM. RIM has no more control over the encryption keys than you do over a Word document on my computer. Perhaps, if the word document were on Google docs, you might find a way to get through to it, but if it were on my local machine, approaching Microsoft would be entirely useless.