introduce services like information technology and business process outsourcing (BPO). To grab such opportunities, we need to keep pace with technological advancements. The recent controversy around BlackBerry services needs to be seen in this context.
Leading global corporations have set up software development, BPO and R&D centres in India because they have the confidence that their data is safe thanks to secure networks. Unfortunately, recent terrorist threats have resulted in a greater need for what is known as a ‘lawful interception’. As a result, there have been threats to ‘turn
off’ the BlackBerry Enterprise Service (BES) because it uses secure encryption. Skype, Yahoo! and Google have also come under the scanner, as has any VPN (virtual private network) that transmits encrypted data.
The demands for unlimited access at any time by law enforcement and investigating agencies are both understandable and a serious concern. But we need a more balanced approach for lawful interception, as in America and Britain, where it is facilitated through a combination of intelligence gathering and profiling of suspects without crippling legitimate businesses. The call for a ban on BES seems to be unreasonable and draconian. It’s not that Research In Motion (RIM), the developer of BlackBerry, won’t give the keys to decrypt its data; it’s just that it cannot.
BlackBerry is popular in countries across North America, Europe and Asia. Many of these nations are under constant threat from terror. Yet none of them has called for a ban. This makes some people suspicious that RIM has provided other nations with decryption keys. This is a misplaced assertion for two reasons.
One, what will RIM gain by hiding this knowledge from only certain governments? It’s easier to grant the access and move on. Two, one only has to study BlackBerry’s encryption technology to realise that data transmitted between BES and BlackBerry phones is encrypted using advanced encryption standards. Private encryption keys are generated in a secure environment and are assigned to each BlackBerry user. Each key is stored only in the user’s secure account and on his or her BlackBerry smartphone. Data remains encrypted in transit and is never decrypted outside of the corporate firewall. As a result, no third party, not even RIM, has the keys to unlock or decrypt the encrypted data.
The challenge of misuse is rooted not just in one device or technology but in society in general. The solution to this threat lies in collective intelligence by investigating agencies with the cooperation of industry, civil society and law-enforcement agencies.
We need to implement the following on a fast track:
n Upgrade and modernise intelligence and investigating agencies so that they are equipped with the latest tools and technologies to intercept data.
n Provide organisations like the National Technical Research Organisation with requisite funding to enhance their capabilities so that they can assist law-enforcement and investigating agencies.
n Prepare a lawful interception policy that can be implemented uniformly with full cooperation of industry in a way that supports the needs of investigating agencies and protects the data security needs of corporations.
Bans and calls for bans aren’t a solution. They’ll disconnect India from the rest of the world. We can’t allow that to happen, because then terrorists will win without even firing a bullet.
S Ramadorai is Vice Chairman, Tata Consultancy Services Limited, The views expressed by the author are personal