RIM's dilemma: BlackBerry fueled riots put core privacy principles at risk

The BlackBerry maker faces a dilemma: give up encrypted riot-user message data, but lose ground in the niche and unique privacy messaging market.
Written by Zack Whittaker, Contributor

Research in Motion, the BlackBerry maker, faces a dilemma similar to a situation it faced in India earlier this year.

BlackBerry users in London have been taking to the secure Messenger application to organize riots across the British capital. Over the last four days of disorder, violence has spread to other major cities -- including Birmingham, Bristol, Nottingham and Manchester.

To be clear: this isn't RIM's fault. Just as people blame cyber-bullying on technology, it is the people behind the screens that are to blame.

Though RIM promised to assist the authorities wherever possible in tracking down those hiding behind the seemingly secure BlackBerry Messenger application, the Canadian-based company needs to maintain its security core focus.

Security and corporate privacy, after all, is the single most differentiating factor in the company's ethos.

RIM will not automatically hand over user data unless it is asked to do so. It could, but doing so would be irresponsible -- even unlawful under European data protection laws -- for the corporation that has a touch privacy stance to maintain. Instead, police will issue warrants to access specific data, which could be wide-ranging and in a broad scoped nature.

RIM can hand over data that would be pertinent to that of national security or an ongoing law enforcement investigation, however.

But where does that leave the reputation of the company, which prides itself on offering government-grade security?

Just as with the furor over encrypted emails in India earlier this year -- which is still contending with enforcing counter-terrorism measures in a difficult political climate -- the Indian government wanted to screen and inspect encrypted corporate emails.

RIM does not hold or have access to the encryption keys offered by its enterprise software. Police, law enforcement and intelligence services can ask until they are blue in the face, but RIM cannot hand over something it simply doesn't have.

However, as BlackBerry Messenger is a hosted service, run and controlled by RIM directly, the company can hand over this consumer led, albeit encrypted data, to police.

In reality, Research in Motion does not have a dilemma at all.

The only consideration it needs to take into account is how it can continue to market itself as a secure communications platform, when ultimately it is still vulnerable to the laws of the land.

Corporate encrypted data is out of RIM's reach, but not that of government. In the UK, if requested to by police, encryption keys must be handed over when data is liable to government inspection.

Whether clever marketing got in the way, one can only hypothesize. BlackBerrys are secure from corporate snooping, but consumers are not immune from government inspection.

Related content:

Editorial standards