Lavabit creator held in contempt for making a (tiny, tiny) point
Ladar Levison, creator of the Lavabit secure email service, has been held in contempt of court. At issue is the way the cantankerous entrepreneur responded to government requests for the private secure sockets layer (SSL) keys to his email service. Like a defiant child paying a fine with a bag of pennies, he delivered the keys, but did so in a "largely illegible" four-point font size.
Reactions from around the Web
The Guardian notes that the appellate court's decision circumscribes Levison's defense:
Instead of addressing the argument that providing such information could compromise his business, the court’s decision focuses on Lavabit’s procedural handling of its complaints.
'At an absolute minimum, if Lavabit believed that the turnover of the keys was invalid under the pen/trap order, then it should have acted once the district court’s August 1 order issued,' the court said. 'It did not.'
Levison has said he could have given investigators access to a single account like he had done in the past, but the nature of their request for 'live' access to user information would have compromised Lavabit’s entire system.
Wired points out that this is the first time the government has requested wholesale access to an email provider's network -- or at least the only one we know about:
The Lavabit case is the only publicly documented instance where a district judge ordered an internet company to hand over its SSL key to the U.S. government. If the practice had been given the imprimatur of the U.S. 4th Circuit Court of Appeals, it could have opened a new avenue for U.S. spies to expand their surveillance against users of U.S. internet services like Gmail and Dropbox.Levison speaks to Ars Technica about the ruling:
'The court focused its decision on procedural aspects of the case unrelated to the merits of Lavabit’s claims,' says ACLU attorney Brian Hauss, in a statement. 'On the merits, we believe it’s clear that there are limits on the government’s power to coerce innocent service providers into its surveillance activities.'
'I haven't read the court's opinion, nor sought advice from lawyers on any possible legal strategy, so that is still pending. My focus as of late has been on building a technological solution [in the form of the DarkMail Alliance]; which would take the decision away from the will of man.'Pando weighs in
Adam Penenberg argued that shutting Lavabit down because the government could monitor its communications might have been a bad idea:
You probably didn’t stop flying because you have to go through airport screeners, take off your shoes, let your laptop be X-rayed and your luggage possibly rummaged through by security personnel. You shouldn’t close your business either. Instead, level with your customers, tell them what the government is capable of doing, and allow them make up their own minds as to whether to do business with you or not.
Revelations aside, nothing has changed. The NSA monitored communications well before Edward Snowden leaked documents to Glenn Greenwald and Laura Poitras. It has long had the power of the subpoena to compel a business to hand over records and documents.
Shutting down won’t accomplish much. Staying open just might. [image via wikimedia]