The government took a call in the matter more than 18 months ago. Now, it has deciphered the mechanics of enabling security agencies to police the one million-strong exclusive preserve of BlackBerry Messenger (BBM) users in India.
Consequently, BlackBerry smartphone owners - who were interception-secure all these days - will have to brace for an invasion of their privacy. Their messenger service can be lawfully tapped citing security concerns.
Indian security agencies confirmed to Mail Today on Friday that the process to access the BBM service, which operates with the highly protected 256-bit encrypted data, is underway and would be up and running soon.
Official sources said they would intercept BBM messages in cases where they suspected that the devices were being used to hatch terror plots or perpetrate other crimes.
Department of telecommunications (DoT) secretary R. Chandrashekhar told Mail Toda
y that the arrangements were being put in place and the process had begun for lawful interception of BBM services. "Directions can be given to any service provider for interception of all BlackBerry services," Chandrashekhar said.
The spokesperson for BlackBerry maker Research In Motion (RIM), the company with whom the government has been engaged in lengthy (and often acrimonious) discussions, said: "We are holding talks with the government, but there has been no issue from our side regarding accessibility to BBM services ever since our server was installed in the country."
The Canada-based RIM set up its server in Mumbai
in February to enable security agencies to intercept data. The eight agencies that are authorised to tap phone calls, emails as well as voice and data communications domestically are the Intelligence Bureau (IB), Directorate of Revenue Intelligence (DRI), Enforcement Directorate (ED), Narcotics Control Bureau (NCB), Central Bureau of Investigation (CBI), Research and Analysis Wing (RAW), National Technical Research Organisation (NTRO) and the state police.
Here's how Big Brother will snoop on BBMs. The security agency concerned will first have to approach the Union home ministry and seek its permission to tap a particular BBM user's number. The agency will then send a request to a service provider to access the data of the number. This will be followed by the operator connecting to the agency's channel and divulging the user's communication details.
Asked about the BlackBerry Enterprise Service (BES), which gives a smartphone user access to a corporate intranet, Chandrashekhar said: "We have found a satisfactory way forward. A plan of action has been chalked out for all BlackBerry services (including BES) and there is concurrence on how it will be executed. The matter was discussed with the home ministry and other security agencies, and the method has been finalised."
He said: "It's not that access to enterprise service is not available. But the process is cumbersome. The technology works in a certain way. It is not a BlackBerry-specific issue." In order to access BES, the government agencies have to tap into service providers that store emails in decrypted (readable) format before they are encrypted and pushed to the recipient's device. The government believes BES is not of very high importance to intelligence and security agencies, but has asked service providers to share a list of all servers (approximately 5,000 in India).
IB director Nehchal Sandhu noted that these were communications between the employees of the enterprise only and, therefore, were not of "high concern" for security or intelligence agencies.
Most private companies such as Vodafone, Airtel, Reliance and Tata Teleservices as well as public sector enterprises MTNL and BSNL provide BlackBerry services which have gained popularity among high-end users. Around a million users are hooked to Black-Berry's corporate email and SMS facilities in India.
An official with service provider Idea Cellular said: "There was no problem from the operator's end. In fact, we are glad that the BlackBerry issue has been resolved. We allow the government complete access to our operations as and when we are asked," he asserted.
The standoff between RIM and the Centre began in July 2010, when the latter asked the firm to provide access to its BlackBerry data for internal security reasons. But the server of these BlackBerry services was located in Canada and RIM had not been acceding to the government's demand for setting up another server in India as it had done in the US, Saudi Arabia and China.
An October 31, 2010, ultimatum was then served on cell-phone manufacturers to comply with the order. Subsequently, the deadline kept getting deferred in every quarter till June 2011.
RIM had, at one point, adopted the stand that it was the for the telecom companies to provide this assurance to the government. This resulted in a crackdown on service providers. The gridlock had been persisting for over a year.
According to the licensing conditions, service providers are liable to put a mechanism in place to allow security agencies to intercept any conversation or message of a subscriber when required. RIM, in the meantime, even tried to get away by getting Canada to intervene. The MNC, which has operations in 175 countries, set up a server in Mumbai in February this year to allow security agencies to conduct real-time monitoring of BBM data feeds.
Significantly, DoT was pulled up by a parliamentary committee a week ago over liberal extensions given to RIM on providing messages to security agencies in a readable format.
Unlike the intransigent stance it took in India, RIM had provided access to its services to the US and China. But it is believed that the controversy lingered in India because of the lack of the government's will and lacunae in India's IT Act. Now, DoT has recommended a policy similar to the one adopted in the BlackBerry case for Nokia Push Mail as well.
Mail Today Exclusive