BlackBerry on helping police decrypt: "We stood by our lawful access principles"

As Microsoft and Apple wage very public fights to protect user data on devices and in the cloud from what they say is overreaching government requests, BlackBerry has taken a very different public stance, confirming reports that the company helped decrypt users' messages and saying it believed technology companies should act as "good corporate citizens."

In a statement release on BlackBerry's website, BlackBerry CEO John Chen said that the company had to do what was "right for the citizenry, within legal and ethical boundaries."

In what seemed like a pointed barb at other tech companies, he also said that "we are indeed in a dark place when companies put their reputations above the greater good."

The statement came after a report that the Royal Canadian Mounted Police had appeared to have gained access to BlackBerry's master encryption key, used to encrypt messages going between BlackBerry Messenger users that are not hooked up to BlackBerry Enterprise Server.

And that's where Chen's argument gets interesting: Enterprise customers who can afford BES get one tier of (much better) security, while regular BlackBerry users get something much weaker. If BlackBerry is confident that it can securely share backdoor access for only legitimate reasons, why not build that access into enterprise server? The answer is obvious: Because customers would immediately balk, and with good reason. Any backdoor increases the chance that the service will be vulnerable to malicious attackers, no matter how well intentioned.

And that's why an increasing number of services are moving to end-to-end encryption so that even if they wanted to, they can't provide governments with access. Read Chen's full statement, and let me know what you think in the comments.

When it comes to doing the right thing in difficult situations, BlackBerry’s guiding principle has been to do what is right for the citizenry, within legal and ethical boundaries. We have long been clear in our stance that tech companies as good corporate citizens should comply with reasonable lawful access requests. I have stated before that we are indeed in a dark place when companies put their reputations above the greater good.

This very belief was put to the test in an old case that recently resurfaced in the news, which speculated on and challenged BlackBerry’s corporate and ethical principles. In the end, the case resulted in a major criminal organization being dismantled. Regarding BlackBerry’s assistance, I can reaffirm that we stood by our lawful access principles. Furthermore, at no point was BlackBerry’s BES server involved. Our BES continues to be impenetrable – also without the ability for backdoor access – and is the most secure mobile platform for managing all mobile devices. That’s why we are the gold standard in government and enterprise-grade security.

For BlackBerry, there is a balance between doing what’s right, such as helping to apprehend criminals, and preventing government abuse of invading citizen’s privacy, including when we refused to give Pakistan access to our servers. We have been able to find this balance even as governments have pressured us to change our ethical grounds. Despite these pressures, our position has been unwavering and our actions are proof we commit to these principles.