I’ve been watching RIM’s BlackBerry revolution unfold over more than a decade, to the point where telecom regulators or governments airing their latest complaints in the public domain has become predictable and commonplace. Following the protracted complaints by a minister in the Indian government in 2008
, RIM has most recently been in the firing line from the UAE's Telecommunications Regulatory Authority, which claimed that:
"As a result of how BlackBerry data is managed and stored, in their current form, certain Blackberry applications allow people to misuse the service, causing serious social, judicial and national security repercussions…"
Saudi Arabia may also suspend BlackBerry mobile email and instant messaging services because they are considering the services to operate “outside local laws” and raise “national security” concerns.
The services are apparently under scrutiny because they are operated through secure network operations centres around the world, meaning that most governments can't access the data easily on their own, a requirement of local legal interception legislation.
This is nothing new for RIM. In my opinion, it is difficult to take these objections at face value. Comments that UAE and Saudi are small markets and do not matter to RIM are also wide of the mark (they still represent around 1.2 million subscribers).
Ultimately, RIM will have to allow its carrier partners access to tools that allow them to comply with lawful intercept legislation.
- There is a broad difference between accessing information on reasonable grounds and unreasonable monitoring of users. Legal intercept is fundamentally complex concept, for which there must be reasonable grounds for investigation, but is not the same as spying on users without reason.
- A negotiating tactic to drive greater investment in these local country markets, through location of data centres or NOCs in these regions.
- Business customers, who make up the majority of RIM customers, especially in developing markets, are higher ARPU customers. For a telecom regulator to shut off a high ARPU service for mobile carriers is hardly beneficial to a developing country’s economy.
- The governments and regulators that publically object to RIM’s level of content encryption are the same who benefit from RIM’s content encryption.
- RIM is only subject to this scrutiny, because it is the only company that can meet the rigorous security standards set by national governments. It is also the only incumbent that has a presence in vertical markets that require tight GRC (Governance, Regulation and Compliance).
However, RIM holds the keys and will likely only offer the tools to carriers that allow access to information that is legally required on a case by case basis. This will allow for reasonable compliance with requests from regulators and governments, whilst avoiding the less than savoury possibility of broad population monitoring, that in itself have broad moral repercussions. What is clear is that the company will not decouple the solution that would create a fragemented entity and damage the company’s USP.
What is clear, is that RIM is in a bizarre predicament whereby it’s tight security and GRC adherence, driven by its architecture, which has given it an apparently insurmountable installed base in government, is having a seemingly negative impact on its business.
Nevertheless, I believe RIM can and will meet reasonable demands by providing tools to carriers, whilst avoiding the unsavoury business of wholesale privacy violation. The stark reality remains, that RIM is only open to this scrutiny is because it is the only company that can provide this level of security to users, companies and even government agencies!