"Those who would give up Essential Liberty to purchase a little Temporary Safety deserve neither Liberty nor Safety"
Attributed (perhaps mistakenly) to Benjamin Franklin
iGeneration
Zack WhittakerBlackBerry encryption 'too secure': National security vs. consumer privacy
Summary
India’s intelligence services cannot intercept BlackBerry encrypted data, citing this as a risk to national security. What’s more important: national security, or consumer privacy - and why?
Topics
Blogger Info
Zack Whittaker
Biography
Zack Whittaker
Zack Whittaker started playing with computers before he could even tie his shoelaces; although that skill wasn't discovered until he was 10. Amongst many things, he is a good-for-nothing, pink sock wearing, British student at the University of Kent in Canterbury, UK working towards a BA (Hons) Criminology and Social Policy.
In between studying, drinking, and occasionally sleeping, he works with researchers studying neurological illnesses like Tourette's syndrome (of which he suffers from), and gives talks and lectures on disabilities.
He grew up in "Robin Hood Country" in Nottinghamshire, UK for the best part of his life, but still heads there on occasion to see his ever-supporting and loving family, godchildren and his friends. Although due to his age he may seem inexperienced and misguided, but he's already totalled up many years of work, education, knowledge and general (mis)adventure.
Research in Motion, the creator of the widely used enterprise-come-consumer BlackBerry device, has an uncertain position in India.
The Indian government’s internal security and intelligence services cannot break the encryption of the device, which makes countering terror threats and national security matters difficult - especially for a region which faces constant threats and attacks from domestic Maoist insurgents and extremist Islamic groups.
Nearly two years ago, around 170 people were killed in the 2008 Mumbai attacks which lasted two days, and was reported primarily by citizens on the ground through citizen journalism; posting updates to Twitter and Facebook through their mobile devices.
- Read more: Mumbai attacks coverage demostrates (good and bad) maturation point of social media (ZDNet)
Another issue RIM faces is the concern of the United Arab Emirates which claims that BlackBerry phones’ data being stored overseas and outside the legal territory of the UAE not only violates their law, but makes it difficult or impossible to ensure national security by intercepting potentially vital terror-combating intelligence.
Update (1st August 2010, 12:55 GMT): The BBC confirmed via the UAE’s state media that come October, all half a million BlackBerry users in the region will have some services suspended unless a “solution compatible with local laws is reached”, amid national security concerns.
The encryption key developed by BlackBerry’s manufacturers was partly designed to ensure secrecy during corporate business deals as so they were not compromised.
Now consumers have jumped on the BlackBerry bandwagon, this poses a wider issue for less-developed or funded intelligence services.
- Read more: India ‘warns BlackBerry over security threat’
- Read more: RIM vs. Indian government continues (ZDNet)
- Read more: BlackBerry seen as major security threat in UAE
As a criminology student focusing and specialising in areas of terrorism, specifically the use of technology within terror organisations and the use of social media, I can see this in two minds in regards to this:
- RIM wants to ensure user privacy, but of course wouldn’t want a terror attack to take place at any given place or time.
- India also wants to prevent such terror attacks, but it’s losing the battle by not being able to read highly encrypted data.
It’s a tricky one, I will admit.
India faces a multitude of terror threats, just as many fast-developing economies and countries around the world. The increased use in technology to better communications in order to orchestrate acts of terror are clearly being used as the rest of ordinary society does.
India’s intelligence services need to be able to access encrypted data to prevent attacks in a ‘constant setting’: where attacks are likely and have occurred regularly. The ability for governments to intercept or read data sent to and from their citizens is common place in Western societies.
The NSA for the US and GCHQ for the UK are two common examples of these. But better resources and technologies allow encryption to be broken - regardless of RIM’s intervention or preventative measures.
The US and the UK have had very few terrorist attacks since September 11th, as a benchmark, though not proving a connection between intercepted data and preventing attacks, but makes the case more likely.
Text messages are not secure. Phone calls are not secure. Emails sent via Exchange and POP/IMAP are generally not secure, though BlackBerry emails are considered so.
BlackBerry Messenger, however, is secure. It’s so secure, that though China has state controlled press and broadcasting media, along with issues of censorship and Internet filtering, evenĀ data sent across BlackBerry Messenger cannot be read by the Chinese government. This, of course, makes it highly popular with their booming younger generation of users (so a RIM spokesperson told me).
With consumer privacy being a constant hot topic, especially in the rise of publicly available data and the need to share your own information to gain others - social networking being a prime example, the individual right to privacy of communications takes personal precedence.
So interestingly, it boils down to diplomatic tit-for-tat. I am fully aware that my own government of which I helped in democratically electing monitors my communications in a secure, fair and justified way. Though my government expects a terrorist attack, we haven’t had a successful one since the 2007 Glasgow Airport bombing of which no civilians died.
One civilian beat the living crap out of a flaming terrorist though.
But those in an area of uncertainty around terrorism and national security, the need to accept certain ‘breaches’ in civil liberties are almost necessary to prevent societal damage. Of course, there is a line to be crossed, and only local culture can determine that as so.
I’ll bite. I’ll ask the million dollar question, and anything goes. What’s more important: national security, or consumer privacy - and why?
Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.
Zack Whittaker, the youngest in the ZDNet network, is a British student at the University of Kent, where he studies a BA (Hons) Criminology and Social Policy undergraduate degree.
Disclosure
Zack Whittaker
I worked at Microsoft as an intern a few years ago but have since cut my ties with them. I'm very grateful for their support over the years and the acquaintances I've made and the positive impact they've had on my future career. In spite of this, I remain impartial and unbiased to my views.
I don't hold any stock or shares, investments or industrial secrets in any company, but have signed confidentiality agreements with a number of UK and US organisations, whose names I am not at liberty to disclose.
I am highly involved with Kent Union, the University of Kent's student union, a charitable organisation which seeks to represent every student at either Canterbury, Medway, Tonbridge, Brussels or Paris campuses. Between May 2009 and December 2009, I was elected as a voluntary, non-salaried position - as welfare officer for Rutherford College at the university.
Between October 2009 and December 2009, I was elected as a voluntary, non-salaried position - as ordinary council member for Kent Union Council, the governing body for the students union. No other company, body, governmental department, non-governmental organisation or third sector organisation employs me or pays me a salary in any capacity whatsoever.
(Updated: 23rd February 2010)
Biography
Zack Whittaker
Zack Whittaker started playing with computers before he could even tie his shoelaces; although that skill wasn't discovered until he was 10. Amongst many things, he is a good-for-nothing, pink sock wearing, British student at the University of Kent in Canterbury, UK working towards a BA (Hons) Criminology and Social Policy.
In between studying, drinking, and occasionally sleeping, he works with researchers studying neurological illnesses like Tourette's syndrome (of which he suffers from), and gives talks and lectures on disabilities.
He grew up in "Robin Hood Country" in Nottinghamshire, UK for the best part of his life, but still heads there on occasion to see his ever-supporting and loving family, godchildren and his friends. Although due to his age he may seem inexperienced and misguided, but he's already totalled up many years of work, education, knowledge and general (mis)adventure.
More from “iGeneration”
Related Discussions on TechRepublic
Did you know you can take part in these discussions with your ZDNet membership?Talkback Most Recent of 51 Talkback(s)
-
sismoc07/29/2010 12:50 PM -
Yeah and 300 years ago that held water...
@sismoc I hate it when people trot out quotations from the founding fathers every single time an issue like this comes up. For some reason everyone gets the impression that they were these pure and noble souls who would never do anything like whatever the hot button issue of the moment is. In this case you're dead wrong. Every government since time immemorial has had an interest in intercepting data from antagonistic elements. The British did it to the French and vice versa during the Napoleonic Wars and you can bet we did it too. Our nation was not founded by an act of mutual agreement amongst the citizenry. There were still pro British elements amongst us, spies if you will, and our nation at the time was in a very precarious position. It is sheer folly to think they did not intercept data, granted that was back when you had to catch the messenger and then find the sealed letter but, the point remains that all governments were doing it and still are doing it to this day. The only difference between then and now is that the messenger is a global network and the sealed letter is encrypted data. It still baffles me how, in this day and age of social networks and cloud computing, we still expect data privacy.
This is just a classic case of wanting to have your cake and eat it too. You can have as much privacy as you can possibly get just by disconnecting your computer form the internet and cancelling your phone service. There you go privacy but, if you want to utilize the modern conveniences of this day and age then you have to accept the fact that your data is being tracked, not just by the government but by corporate America as well.
Now for my quote, the author of which is unknown but that sums up this whole ridiculous discussion nicely
"In the war for individual rights, common sense becomes the first and major casualty." An unknown but apparently very wise individual.
Str0b008/01/2010 04:11 AM -
Without really stepping into this discussion....
@Str0b0
I will say however that when we look at human conduct, both present and past, "common sense" (and "conventional wisdom" for that matter) are two of the most blatant oxymorons.
Economister08/02/2010 08:31 AM -
Always there are alternatives
OK, even if BB encryption is weaken, we can always use other personal business privacy tools with strong encryption like B-Folders. What's the point of dealing with BB?
olafohman(Edited: 07/29/2010 01:42 PM) -
RE: BlackBerry encryption 'too secure': National security vs. consumer privacy
"Those who would give up Essential Liberty to purchase a little Temporary Safety deserve neither Liberty nor Safety"
mgdvt@...07/29/2010 01:23 PM -
ZDNet Blogger
RE: mgdvt
@mgdvt@... Though Franklin wanted to make a point with this, it doesn't really relate to post-modern society. A saying or a theory is all good and well, but in practice things can be very different.
Similarly, I was talking to a friend of mine, a priest in the CofE, who though liberal, young and modern as he is, recognises that ancient scripture such as the Bible is old, outdated, and though contains many of the moral codes we abide by today, it's aimed at a much different time.
Point is - ten years is a long time in technology. It's a very long time, and many countries can't keep up with it. Therefore Franklin's quote though may be true back in the day in the spirit it was meant; today, it's worth very little except for historical value.
zwhittaker07/29/2010 03:21 PM -
RE: BlackBerry encryption 'too secure': National security vs. consumer privacy
@zwhittaker IT TOTALLY RELATES TO MODERN SOCIETY. I don't trust governments who feel they need to treat me like a criminal by tapping my phone without cause. Blackberry provides the most secure communications platform ever built. It is the main reason it continues to dominate iOS and Android devices in market share.
condelirios07/29/2010 09:01 PM -
RE: BlackBerry encryption 'too secure': National security vs. consumer privacy
@zwhittaker
"The more things change, the more they stay the same".
Some things are temporary, here today, irreleveant tomorrow. But some things are timeless, always true no matter when it is. The quote about trading freedom for security attributed to Ben Franklin is one thing that will always be true.
Amongst everything else, Ben Franklin studied history. Clearly, you must have neglected those studies (or fallen asleep in them like so many other students). If you had paid attention, you'd understand why Franklin was right.
The reason Franklin is right is that those who would trade their rights for temoprary security generally end up losing those rights permently while any security they gain ends up being fleeting at best.
Ask yourself this: Would you become a slave for a day if it meant you were secure for that day? What about a week? A month? A year? 10 years? A life time? And there lies the problem. If you're willing to give up your rights even for an hour, you're already on a slippery slope. The only way to keep your rights is to remain eternally vigilant. This is what Franklin, in context at the time, was talking about.
mheartwood07/29/2010 09:31 PM -
ZDNet Blogger
RE: mheartwood
@mheartwood The bill of rights which allows those to bear arms and defend themselves was written in a time where it took over 1 minute 30 to reload. I doubt whether your founding fathers would have made the same decision nowadays.zwhittaker07/29/2010 11:46 PM -
I would rather be free than safe...
@zwhittaker
1. The turn around time for a gun reload is not the point of the amendment. In the past a sword kill could take less than a second but even that is irrelevant. The point is governments, no matter how well conceived, are pron to corruption. Only when citizens have the rights and the tools to fight corruption, and oppression do governments behave better. Not only would the framers put the same amendment in place if they knew about automatic guns, they would still have encouraged people to have them. It's like nuclear deterrence if you have a gun and the other guy has a gun, you are both more likely to be polite and law abiding. But if only the other guy has a gun, you have a better chance of being a slave.
As for encryption, I don't trust my government, I don't trust other people's government so I think strong encryption is key. As for allowing the criminals to use it as well, I think this is a non-issue. Most of the real criminals have made in-roads to their local/national governments anyway so realistically they are protected anyway. Sure some of the street level criminals aren't protected but chances are they will screw up somewhere else and get caught. Also criminal or not, it is not a crime to talk and communicate. I am tired of people equating talking with actually doing. If some says they are going to do something and don't actually do it, they are not a criminal.
mr197207/30/2010 07:33 AM -
ZDNet Blogger
RE: mr1972
@mr1972 "If some says they are going to do something and don't actually do it, they are not a criminal." - Well, no - that's "conspiracy to commit". It would be down to the defence to prove that the conspired act could or would have never taken place, and it's down to the prosecution to claim that if indeed it was conceived, then practically it could be accomplished.
Saying you will rob a bank could be considered "conspiracy to commit robbery" but, just saying it could be the first step of the plan. Just because you didn't get round to it (or proving that's the case) doesn't mean it wasn't going to happen.zwhittaker07/30/2010 09:37 AM -
What my government really wants is your IP
@zwhittaker ... The CIA wants to know everything your government and the people within it are up to, to make sure you're following orders from Washington and buying our military hardware and following our foreign policy instructions.
Keeping tabs on everyones phones and data is part of that effort. Allowing you to secure your data against the US governments prying eyes runs counter to that.
The same goes for the rest of the world.
So shut the hell up and keep printing this propaganda we script for you about how it's all about terrorists.
HollywoodDog07/30/2010 10:28 AM -
RE: BlackBerry encryption 'too secure': National security vs. consumer privacy
@zwhittaker
That has nothing to do with technology. Privacy trumps security 100% of the time, or there is no freedom. If technology changes fundamental rights, then is it OK to murder as long as you use a technologically advanced weapon? For people to have liberty, the government must be forbidden from spying and searching without probably cause; whether they do it with old technology or new.
RedVeg07/30/2010 12:32 PM -
RE: BlackBerry encryption 'too secure': National security vs. consumer privacy
@zwhittaker
Sorry but you are swallowing the government line. All governments play the safety/security card whenever they want to steal a little of our freedom and increase their power.
The Indian Government lets 170 people die every day (perhaps every hour) of starvation, bad sanitation and unavailable medical care. It is hard to credit their concern about the insignificant loss to those state sponsored terrorists.
The fight isn't with terrorists, it is between citizens and their government to limit government power and maintain freedom.
wmscarpenter07/30/2010 01:51 PM -
RE: BlackBerry encryption 'too secure': National security vs. consumer privacy
@wmscarpenter, well I doubt how much monitoring BB will achieve the prevention of terrorism. But your logic is strange, if some people dies of starvation, does it mean it is ok to let some more people die of terrorism?
kparicharak07/31/2010 12:13 AM
Talkback - Tell Us What You Think
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
Vendor Showcase
Facebook Activity
Blog Roll
- All About Microsoft
- The Apple Core
- Between the Lines
- BriefingsDirect
- Collaboration 2.0
- Dev Connection
- A Developer's View
- Digital Cameras & Camcorders
- Ed Bott's Microsoft Report
- Emerging Tech
- Enterprise Web 2.0
- Five Nines: The Next Gen Datacenter
- Forrester Research
- Googling Google
- GreenTech Pastures
- Hardware 2.0
- Home Theater
- iGeneration
- India IT
- Irregular Enterprise
- IT Project Failures
- Laptops & Desktops
- Lawgarithms
- Linux and Open Source
- Managing L'unix
- The Mobile Gadgeteer
- Networking
- On Sustainability
- The Semantic Web
- Service Oriented
- Smartphones and Cell Phones
- Social Business
- Social CRM: The Conversation
- Software & Services Safari
- Software as Services
- Storage Bits
- Team Think
- Tech Broiler
- Tom Foremski: IMHO
- The ToyBox
- Virtually Speaking
- The Web Life
- ZDNet Education
- ZDNet Government
- ZDNet Healthcare
- Zero Day
Blog Archive
White Papers, Webcasts, & Resources
- Battery Technologies for Data Centers and Network Rooms: Environmental RegulationsSome lead-acid batteries located in data centers are subject to government ... (American Power Conversion (APC)) Download Now
- Battery Technology for Data Centers and Network Rooms: Safety CodesDiscover why Valve Regulated Lead Acid (VRLA) batteries can be deployed in data centers without the elaborate safety systems required for Vented (Flooded) Lead Acid batteries. (Sponsored by APC) (American Power Conversion (APC)) Download Now
- Essential Power System Requirements for Next Generation Data CentersEffective mission critical installations must address the known problems ... (American Power Conversion (APC)) Download Now
