​Deal in the works? BlackBerry delays Pakistan retreat by one month

Hours after BlackBerry announced it would leave Pakistan immediately due to unacceptable surveillance demands, the company said it will stay for at least one more month.

The Pakistani government’s request to have a backdoor on all communications on BlackBerry Enterprise Service (BES) would see its withdrawal from the nation on November 30, the Canadian company announced on Monday. However, BlackBerry has now said it will defer that action until December 30.

“The Government of Pakistan has notified BlackBerry that it has extended its shutdown order from November 30 to December 30. BlackBerry will delay its exit from the Pakistan market until then,” wrote BlackBerry’s chief operating officer, Marty Beard, on BlackBerry’s official blog late on Monday.

BlackBerry BES, including BES email and BBM messages, was to be blacklisted on Pakistani mobile networks by the beginning of December under an order issued by the Pakistan Telecommunications Authority in July.

Pakistani online rights group Bytesforall in July published a leaked official document revealing the government had ordered three Pakistini mobile networks to shut BES connections down by 30 November “without fail” due to “serious concerns”. There were no other reasons given for shutdown in the document.

The assumption might be that the Pakistani government ordered the shutdown for national security reasons, however BlackBerry’s Beard (prior to the one month extension) said that was not the case.

“Pakistan’s demand was not a question of public safety; we are more than happy to assist law enforcement agencies in investigations of criminal activity. Rather, Pakistan was essentially demanding unfettered access to all of our BES customers’ information,” he said.

A distinction needs to be drawn between BES — solely for enterprise customers — and BlackBerry’s services for consumers.

BlackBerry in 2010 faced a similar block in India over the government’s wish to access BES messages and email. Blackberry in 2011 gave carriers the ability to intercept the content of messages on its consumer services, including consumer BBM and Blackberry Internet Service, but held that access to messages on its corporate BES was infeasible due to it’s encryption set-up. BlackBerry and the Indian government appeared to have negotiated a truce in 2013, in which the government could access BES user names but not the content of messages.

The issues BlackBerry faced in India and the Middle East back then in many ways mirrors the current debate in the US over whether Apple and Google should be required by law to offer so-called master keys to the government that would enable it to bypass encryption.

According to Beard, the Pakistani government “wanted the ability to monitor all BlackBerry Enterprise Service traffic in the country, including every BES e-mail and BES BBM message” and insisted that Blackberry has “never done this anywhere in the world.”

BlackBerry’s handset business hangs in the balance amid its latest move for survival, the Android-powered Priv, a privacy-focussed device. However, it’s also squeezing everything it can from its legacy as a secure communications platform provider in an enterprise market where it’s hardware has been sidelined by Apple or Google Android devices.

Needless to say, BlackBerry does not want to be seen to be giving up too easy on this front, though it's compromised before and may still need to rework its parting words.

“Although the Pakistani government’s directive was aimed only at our BES servers, we have decided to exit the market altogether,” Beard said prior to Pakistan’s one month extension.

“Pakistan’s demand for open access to monitor a significant swath of our customers’ communications within its borders left us no choice but to exit the country entirely.”

Security ALERT!

Read more: National cybersecurity capability needs decades of “fresh thinking” on skills, private-sector partnerships: ACCS

Need help making the right choice for you business? Need to update your system but don't know where to start? CSO can help, check out our security hub today.

Gigamon Transform Security Zone

Join the CSO newsletter!

Error: Please check your email address.

Tags BlackberrypakistanPakistani governmentlaw enforcementBlackBerry Enterprise Service (BES)unacceptable surveillance demandsCSO Australia

More about AppleBlackBerryCSOGigamonGoogle

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Liam Tung

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place