BlackBerry ditching Priv updates is a frustrating missed opportunity

BlackBerry’s track history in the enterprise game and the marketing material plastered all over its website would lead anyone to believe that it’s one of the few smartphone companies actually taking the security issue seriously. So it was a little surprising to hear that BlackBerry is cancelling its smaller updates for the Priv, and so soon after declaring that it wouldn’t be providing a Nougat update to the handset either. It’s a disappointing situation for fans of the Priv, and even more disconcerting for customers who rely on BlackBerry to protect their sensitive information.

Now, I’m fully aware that providing long running updates for aging handsets that aren’t selling anymore is an expensive and often frustrating endeavor for OEMs. However, BlackBerry is missing a trick by not positioning itself as the major manufacturer with security at its forefront, by going a step further than the minimum two years of patches that almost every OEM promises.

The case for long-running security updates cannot be understated these days. Although there are plenty of reactionary scare stories about various vulnerabilities, the fact that our mobile devices are increasingly used to store sensitive banking information, make mobile payments, and secure our biometric data makes patching exploits regularly more important than three or four years ago. Not forgetting BlackBerry’s historic audience of business users looking for additional security and encryption for sensitive emails, contacts, documents, and the like.

Ditching this commitment to Priv owners is poor form. But just as importantly, this decision leaves customers uncertain about the state of similar update promises made for the KEYone, Motion, and DTEK series. Can we take BlackBerry more seriously on security matters than any other OEM anymore?

The crux of the matter, for me, is that this announcement isn’t just disappointing for Priv owners, it undermines the whole concept and potential of BlackBerry as the go-to brand for serious Android security. That’s a particularly disappointing revelation for the enterprise market, where companies need an OEM they can rely on to keep a fleet of handsets secure in the long term.

No one else, bar perhaps Google, has been tackling this issue seriously enough, and certainly no major brand has gone as far as BlackBerry in the amount of marketing emphasis placed on security. The company’s Document Locker and Privacy Shade are great features for the privacy conscious, as are the company’s Hub+ apps and its broader Secure Platform. However, without also ensuring that the operating system is kept up to date and secure too, the hard work on the software front is undermined.

I should make clear that BlackBerry isn’t completely ditching all its obligations with the Priv. The company states that it would “engage [its] partners as needed to develop and deliver necessary patches” should any critical problems arise, and that it would “fulfill all warranty obligations” regarding the handset. Even so, what counts as critical or only a moderate security issue, and how high up the priority queue the Priv would be for a fix are concerning unanswered questions.

Based on its well-earned historic reputation, BlackBerry could have owned the privacy and security niche in the Android space. A solution very much needed given the price comparison with Apple’s iPhones. Instead, BlackBerry may find that its potential customers flock to Apple for its ability to provide updates over many years, or to Samsung for the promises made by Knox.

BlackBerry’s compromise on this issue is the introduction of a “trade-up” program for Priv owners and those holding onto BB10 and BBOS devices. While all the details aren’t out in the open yet, the gist is that existing customers will be able to purchase a newer KEYOne or Motion handset with some sort of discount. Perhaps that will tide some customers over, but as I already mentioned, what happens if/when BlackBerry gives up on updates to these handsets within the next two years also?

No matter which way you slice it, BlackBerry failing to properly update the Priv to Nougat, not even Oreo, and refusing to extend important security updates beyond the “standard” 2 years promised by everyone else is an undeniable sign that the company isn’t willing to go the distance with security. That’s more than a little disappointing.