Nokia Will Play By Indian Rules on Push Mail

Nokia plans to comply with Indian government rules for its push mail services, even as the government moves to tighten security and interception rules in the country.

Nokia said on Tuesday it is committed to protecting its users’ privacy while at the same time fulfilling its legal obligation to respond to demands from authorized government entities in their efforts to enforce laws. Nokia’s instant messaging and e-mail services were introduced as a beta in India last year.

“We are prepared to assist the applicable government authorities with their requests for a high degree of security, and we are in the process of installing the required infrastructure,” Nokia said.

The Indian government has been demanding greater access for its security agencies to online and mobile communications, as it believes that terrorists and other enemies of the state are increasingly using these technologies to coordinate their activities.

Nokia’s competitor, Research In Motion (RIM) denied a report on Tuesday in a local newspaper, The Economic Times, that it has reached an agreement with the Indian government, to allow Indian security services to monitor its BlackBerry services. “We are continuing a dialogue with the Indian government to arrive at a solution, and these are confidential in nature,” a spokesman said on Tuesday.

RIM is also under pressure to provide access by other governments. Some BlackBerry services will be suspended in the United Arab Emirates from Oct. 11 because the services do not fall in line with the country’s regulations, the UAE telecommunications regulator said on Sunday.

The BlackBerry security architecture for enterprise customers is based on a symmetric key system whereby only the customer ever possesses a copy of their encryption key, RIM said in a note to customers on Monday, that was also circulated to the media.

RIM does not possess a “master key,” nor does any “back door” exist in the system that would allow RIM or any third party to gain unauthorized access to the key or corporate data, it added.

This is a stand that RIM has taken previously in 2008 in a similar dispute with the Indian government. India’s Information Technology (Amendment) Act 2008 now makes it easier for India’s security agencies to demand that service providers should make decryption keys available to security agencies when required.

As part of its overall move to tighten security, the Indian government has also asked Indian telecommunications service providers to get their networks certified for network forensics, network hardening, network penetration test and risk assessment by government-approved, internationally accredited network audit and certification agencies. The government will also have access under the new rules to equipment software codes and hardware designs for inspection.

The move follows demands from telecom operators that they should be allowed to purchase equipment from Chinese vendors. Although the government says there is no ban on Chinese equipment, vendors like Huawei said purchases of their equipment have not been cleared by the government from February for security reasons. China and India went to war in 1962 and still have a border dispute.