The government seems to have won the first set by pushing Research in Motion to setup a server in the country. Industry watchers say it will not be all easy going for the government as well. The investigative agencies too will need to upgrade their infrastructure in order to decode the data. By Heena Jhingan
Analysts look at it as a battle which the government seems to have won, saying that this perhaps was the immediate solution for RIM that has been dodging a ban on services in the country. Back in 2010, the Indian government had set a deadline for RIM to allow authorities access to encrypted data, failing which it would have to face a ban. A ban at that time would have affected about a million subscribers of the services. That was a crucial period for the solution provider as it was trying to strengthen its foothold in the market. To make the matters worse, there were similar pressures coming from Saudi Arabia and the United Arab Emirates as well. In India, RIM conducted security tests and averted the ban, however, the matter was not settled for good.
The Indian government was persistent in its demands for having access to the information being shared through Blackberry Enterprise Server and it finally got its way.
The Department of Telecom has now set its sights on other enterprise servers and messaging platforms. It has decided to issue an advisory that all e-mail accessed in India should be routed through servers in India. This legal provision may require entities such as Skype, Google, Nokia’s intellisync e-mail, Microsoft’s Exchange active sync and Motorola’s mobile messaging to locate part of their IT infrastructure within the country in order to enable investigative agencies with ready access to encrypted data on their servers. Analysts said that this would definitely press these multinationals to respond to the advisory. Though there are no such reports of the government pushing the other players as of yet, it definitely is not going to be smooth sailing for them.
Country-specific infrastructure
Akhilesh Tuteja, Executive Director, IT Advisory Services, KPMG, viewed the situation as complex. He said, “While national security is something that cannot be taken lightly, it is quite difficult for a multinational player to build a country-specific infrastructure. This is not only technologically difficult but also not a very viable model commercially.”
He said that if a company did it for one country, there could be similar requests from other nations as well. Companies cannot go on building or setting up infrastructure specifically for each country of operation.
Besides, the story for RIM has been relatively simpler as the data sharing happens between two identified parties. “The identities of the sender and receiver is known and the architectures are same. But it is not possible for others to replicate this for all the other platforms and messaging services. Using a Skype platform, the communication could be with any device and service provider. In that case the architectures tend to get complex,” Tuteja explained.
Cloud bound by a geography
Another analyst, on conditions of anonymity said that the situation is quite ironic. The world is moving to an era of Cloud computing where the basic idea is that data could be stored and acted upon even if servers were located in distant lands. He pointed out that the Cloud services have always been looked at with skepticism due to security reasons. The industry has been making efforts to build confidence around the technology and assure the enterprises that the Cloud is a secure environment.
“The debate around the concept of having data in my land and I have the all the control is therefore not a new one,” he stressed.
When asked as to what was the logical way ahead for the players under scrutiny, will they have rip their existing data centers and replace them with new ones in the country? He said, “In matters of national security there is hardly any choice, but it will difficult to say what will be the right way of doing it. However, it is certain that this move will not be simple either of the two—the companies or the agencies.
The government will also need to upgrade its infrastructure and capacity to decrypt the BlackBerry data. This also increases RIM’s responsibility to secure enterprise data. An event of data leakage could have grave repercussions on its enterprise business and credibility. For now, BlackBerry users and service providers can relax and not worry about a cessation of services.
heena.jhingan@expressindia.com