RCMP Obtained Decryption Key To Hack BlackBerry Communications: Report

Posted: Updated:
JOHN CHEN BLACKBERRY
John Chen, BlackBerry Ltd. CEO, speaks at an event in New York in 2014. | Bloomberg via Getty Images
Print

UPDATE 4/18/2016: BlackBerry CEO John Chen is defending his company's involvement in an RCMP probe that cracked the encryption on BlackBerry PIN-to-PIN messages.

"We have long been clear in our stance that tech companies as good corporate citizens should comply with reasonable lawful access requests," Chen said in a blog post published Monday.

Chen said the police investigation "resulted in a major criminal organization being dismantled," and added that at no point was BlackBerry's enterprise server [BES] for business clients compromised.

"Our BES continues to be impenetrable – also without the ability for backdoor access – and is the most secure mobile platform for managing all mobile devices."

Original story follows below.

Just days after BlackBerry’s CEO stressed the company's network has no back doors for law enforcement, a news report alleges the RCMP obtained the ability to decrypt communications on BlackBerry devices.

Vice reports that the RCMP was able to crack PIN-to-PIN messages related to Operation Clemenza, a large-scale probe into organized crime in Quebec. The investigation launched in 2010 and resulted in dozens of arrests in 2014.

The RCMP isn’t keeping it a secret that it used BlackBerry communications to crack the case. It states on its website that its use of these messages marked “the first time that this technique was used on such a large scale in a major investigation” in North America.

“Over one million private messages were intercepted and analyzed as evidence using the PIN to PIN interception technique,” the RCMP said.

But according to Vice, court documents show the RCMP had access to a BlackBerry decryption key — a piece of code that would allow any communications between two BlackBerry devices to be hacked and read.

It's unclear if BlackBerry handed the key to the RCMP, but it is known that BlackBerry, along with Rogers Wireless, was under a court order to help police in the investigation.

project clemenza
Mario Desmarais, left, with the Montreal Police Department and Michel Arcand with the RCMP speak to reporters during a news conference at RCMP headquarters in Montreal in June 12014, where they answered questions about Project Clemenza. (Photo: Canadian Press)

Communications on BlackBerrys, as on many other devices, are encrypted. Police can collect metadata on those communications (when, where, who) — but without the ability to decrypt it, the content would be meaningless gibberish.

The decryption key reportedly affected communications between individual BlackBerry messaging users but not communications on the company’s enterprise servers for business communications.

It “would mean that police enjoyed years of access to Canadians' personal cellphones without the public being any the wiser,” Vice reports.

"Our privacy commitment does not extend to criminals.”— BlackBerry CEO John Chen

BlackBerry CEO John Chen played up the company’s privacy features in a TV interview last week, saying the company’s servers are secure and there are no “back doors” that would allow someone to tap into the encrypted network.

But Chen has taken a more co-operative approach to working with police than some other companies. He has criticized Apple for its refusal to decrypt iPhones at the request of the FBI, saying, “We are indeed in a dark place when companies put their reputations above the greater good.”

Privacy and security “form the crux of everything we do,” Chen wrote in a blog post last December. “However, our privacy commitment does not extend to criminals.”

john chen blackberry
Blackberry CEO John Chen reacts during a Bloomberg Television interview at the Mobile World Congress in Barcelona in 2014. (Photo: Getty Images)

Many observers in the tech world say BlackBerry has lost its advantage as a brand for secure communications — perhaps because its encrypted BlackBerry Messenger service was too good at keeping exchanges secret.

Governments around the world in recent years threatened to ban BlackBerry if it didn’t give them access to its encrypted communications.

In the past several years, BlackBerry has given the Indian government access to communications on its networks, and has even built a server in Saudi Arabia so the local government can access Saudi users’ communications.

However, BlackBerry did not fulfill a request by the Pakistani government for unfettered access to the company's enterprise servers for business. After BlackBerry threatened to leave the Pakistani market altogether, the government backed down from its demands.

Also on HuffPost:

Close
Evolution of BlackBerry
of
Share
Tweet
Advertisement
Share this
close
Current Slide

Around the Web

Exclusive: Canadian Police Obtained BlackBerry's Global Decryption Key

BlackBerry Continues to Cozy Up With Android

BlackBerry to launch 2 Android phones

BlackBerry is leaving from Pakistan due country's monitoring data demand ...