Canadian police have been in possession of a BlackBerry master encryption key since 2010, according to a pair of blockbuster reports today from Vice News and its sister site Motherboard. The reports say the Royal Canadian Mounted Police (RCMP) used the key in a criminal investigation between 2010 and 2012 to intercept over one million messages sent using BlackBerry's proprietary BBM service.
It's unclear how the RCMP obtained the key because discussions of the matter remain heavily redacted in court documents. But those documents now confirm police keep a server in Ottawa that "simulates a mobile device that receives a message intended for [the rightful recipient]," Vice reports. From there, the "BlackBerry interception and processing system" decrypts the message using the master key. It's also unclear whether the key has since been changed, and whether Canadian police forces are continuing to use the interception system.
BlackBerry has for some time used a global encryption key it says only it possesses to seal off BBM messages to and from its devices. The company has shied away from saying these communications are completely protected, and CEO John Chen has said in the past his company is willing to cooperate with law enforcement under special circumstances. "We reject the notion that tech companies should refuse reasonable, lawful access requests," he wrote on BlackBerry's blog last year. Nonetheless, the revelations are chilling, raising the possibility that Canadian BlackBerry owners have for years been vulnerable to government surveillance. As Vice writes:
And if the global key is still sitting on a server in the RCMP's headquarters, the potential consequences could be significant. Although it wouldn't offer police a backdoor into most of its government and business clients, who make up BlackBerry's core constituency, it would mean that police enjoyed years of access to Canadians' personal cellphones without the public being any the wiser.
It's worth noting BlackBerry's enterprise-grade encryption for businesses allows those companies to use their own key. So the RCMP's system does not appear to allow Canadian police to decrypt corporate communications. However, the reports explain how thousands of BlackBerry users' messages were scooped up as part of "Project Clemenza," an RCMP investigation into a mafia-related murder. After members of a Montreal crime gang pled guilty in 2011 to having played a role in the murder, some 3,000 court documents were made public and later obtained by Vice.
Device encryption is a hot topic in the tech industry given the recent showdown between Apple and the FBI. Whether tech companies should cooperate with law enforcement by either creating backdoors into devices or aiding police in special investigations is a legal grey area. Apple refused the government's requests to break into the iPhone of San Bernardino shooter Syed Farook and wanted the matter settled by Congress. Yet the FBI managed to break into the device using a third-party method, leaving the situation unsettled. A separate case in New York regarding an iPhone involved in a methamphetamine smuggling case is set to continue as both Apple and the FBI are trying to set a legal precedent for future cases.
Whether BlackBerry has worked closely with the Canadian government, and whether it continues to do so, is an open question. The company declined to comment when asked by Vice, as did the RCMP. But the documents indicate the RCMP and BlackBerry have communicated about intercepting messages and the phone maker may have provided assistance. In one transcript, RCMP inspector Mark Flynn advised in testimony against revealing details about the encryption key because doing so could harm BlackBerry's business. "It is not a good marketing thing to say we work with the police," Flynn reportedly said.
Update at 6:27PM ET on Thursday, April 14th: Clarified that BlackBerry uses a global encryption key to encrypt messages sent using its BBM service, not standard text messages or messages sent using other apps.