NOC all its crackberried up to be

Research in Motion (RIMM) is Baruch’s bugbear. He has missed the stock completely, it is a huge winner, up over 100% in the past 12 months. So he feels some Schadenfreude over their latest client loss.

However, he thinks the main point is being lost amid the ballyhoo of the French government’s decision to ban the use of RIMM’s blackberry by its higher level ministers and those in possession of state secrets. Silly French, say the blogs, often adding unnecessary remarks about cowardice and cheese. Baruch’s own beloved Swiss employer, a venerable private bank which shall remain nameless, and which has on its books a number of clients for whom confidentiality is, shall we say, an important concern, made the decision to do the same for its staff some time ago. Baruch is pleased, not having a blackberry gives him a semblance of privacy while on the road, and a certain curmudgeonly satisfaction; in a small way he feels he is standing athwart the path of history and yelling “Stop!”.

Anyway, the point is not that RIMM’s security set up, where everything goes through a central Network Operating Center (or NOC) is in fact insecure. It has double-super-secret encryption layers piled on each other like onion flesh. It is not that RIMM is untrustworthy, or incompetent. The point is surely that data in the NOC may eventually be subject to a subpeona by a US state agency (in fact, we know going without a subpeona seems to work quite well too). US companies (RIMM is Canadian, but 80% of its business must be in the US) are known to respond favourably to “requests” by the government for access to confidential client data. Verizon and AT&T have no qualms about giving up your secrets to Homeland Security in the name of the GWOT. Why, ask the French, and my IT department, is it safe to assume RIMM would not?

RIMM swears blind it has no access itself to the content of the data that passes through its NOC, but then again, RIMM claims the NOC is the key to the security of its system, filtering dangerous content such as viruses, spam and whatnot through its veeblefitzers and triple-redundant doodads (a technical term, don’t worry). Do you really want to bet they haven’t got a backdoor? Baruch is with the French. This is not a judgement on RIMM, it is the reasonable distrust that any sane foreign government and enterprise with a sensitive client base should have in the good faith of the US government, not just in its current iteration.