Or maybe “Should Be A Critical Element…” Because American business by and large doesn’t really care about security very much.
Thanks to Bruce Schneier we learn that the Indians are pushing to get the encryption keys to RIM’s BlackBerry system. What this means is that the messages sent to BlackBerrys in the field could be decrypted by the Indian government. Strangely, only non-corporate users are at risk for now.
How long do you think it will be before other governments get the keys in exactly the same way as the Indians did? How long do you think it will be before a corporate user is thought to be enough of a security concern that even corporate users must turn over keys?
The reason why this is significant for the BlackBerry vs iPhone situation is that the iPhone works differently. It doesn’t pass all messages through a server. It behaves like a computer connected to the internet, with a regular email client. So, as soon as someone is allowed to create an email client with encryption capabilities we will have secure mobile email. Apple has released the iPhone SDK, and is expected to unveil applications along with an improved version of the iPhone in June. It might even happen that Apple builds encryption into the mail client themselves.
The problem for RIM is that there is no way to do full decryption on the BlackBerry without doing it on their server, at least with their current software. Creating this after making deals with governments to provide access will be impossible.
So, if you believe in having privacy, and you conduct business overseas, it looks like BlackBerry isn’t the best choice.