BlackBerry Decryption Key Held By Canadian Mounties, Report Says - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Government // Cybersecurity

BlackBerry Decryption Key Held By Canadian Mounties, Report Says

Struggling smartphone maker BlackBerry has been dealt a major blow after court records revealed that the Royal Canadian Mounted Police has a copy of the company's global decryption key.

Encryption Debate: 8 Things CIOs Should Know
Encryption Debate: 8 Things CIOs Should Know
(Click image for larger view and slideshow.)

BlackBerry's reputation of secure devices once led to wide adoption of its devices among government officials, including President Obama. But now, court records reveal that the Royal Canadian Mounted Police have had a copy of BlackBerry's global decryption key.

According to a report on Vice.com, the Canadian Mounties have had this key since 2010. Such a key allows authorities to review encrypted messages passing through the company's BlackBerry Messenger (BBM) service.

However, it is likely that only consumer-grade smartphones are affected, because BlackBerry holds the decryption key for those, whereas the company offers enterprise clients the option to run their own network of devices and hold their own encryption key, notes Vice.

(Image: alexsl/iStockphoto)

(Image: alexsl/iStockphoto)

Nonetheless, the disclosure that the Mounties have the global key and that BlackBerry was assisting the Canadian authorities in a gangland murder case may hurt the struggling company's security reputation. It's not clear from the court records how the Mounties came into possession of the global encryption key, according to Vice, but it is noted in the documents that BlackBerry was lending a hand to the investigation.

"BlackBerry has always been associated as the most secure mobile device to own, and an information leak such as this is catastrophic for their image," Morey Haber, vice president of technology at security company BeyondTrust, told InformationWeek. "Every personal user of their technology can potentially have their messages decrypted without their knowledge, now that it is known that the decryption key is in the hands of third parties."

This revelation comes at a time when security and privacy issues involving smartphones are at the forefront, given the battle between Apple and the FBI. The federal agency was pressing Apple to build a backdoor to give authorities access to data on the iPhone belonging to one of the San Bernardino shooters. The FBI ultimately dropped that pursuit after it found a way to decrypt the iPhone with the help of a third party.

BlackBerry also prevailed in preventing Pakistan from forcing it to build a backdoor to its mobile operating system, but at the same time it has worked with other governments to gain access to users' information and data.

Are you prepared for a new world of enterprise mobility? Attend the Wireless & Mobility Track at Interop Las Vegas, May 2-6. Register now!

The company's stance is that it approaches "lawful access matters internationally within the framework of core principles." In providing certain governments access to users messages, it may have contributed to slower sales of its devices.

BlackBerry, which has been struggling in recent years, may have been well aware of this fact. Court documents show that the company and the Mounties challenged a judge's order to release more details about the relationship between the two parties, according to Vice.

While not clear how deep the relationship between BlackBerry and Canadian authorities goes, this disclosure will likely have an impact on BlackBerry well as the security industry at large.

"Any incident like this reduces people's faith in security companies delivering on their promises of providing robust encryption," said Maxim Weinstein, security advisor at Sophos, in an interview with InformationWeek. "I think you'll see security companies having to answer more questions than usual, in the coming weeks, about how they protect encryption keys and what they can or can't turn over to governments."

Dawn Kawamoto is an Associate Editor for Dark Reading, where she covers cybersecurity news and trends. She is an award-winning journalist who has written and edited technology, management, leadership, career, finance, and innovation stories for such publications as CNET's ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Slideshows
10 Things Your Artificial Intelligence Initiative Needs to Succeed
Lisa Morgan, Freelance Writer,  4/20/2021
News
Tech Spending Climbs as Digital Business Initiatives Grow
Jessica Davis, Senior Editor, Enterprise Apps,  4/22/2021
Commentary
Optimizing the CIO and CFO Relationship
Mary E. Shacklett, Technology commentator and President of Transworld Data,  4/13/2021
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Slideshows
Flash Poll