CommunityThe Dissenter

Email Service Snowden Was Reportedly Using Shuts Down

Update: Silent Circle follows suit.

The owner of Lavabit, an email service believed to be better focused on privacy and security for users than Gmail, has decided to shut down the service. It is notable because this is the service that former NSA contractor Edward Snowden, who blew the whistle on US government surveillance programs, was reportedly using.

When Snowden requested a meeting with human rights lawyers at the Sheremetyevo Airport in Moscow, he sent his request to organizations or groups from a Lavabit email address.

Owner and operator of Lavabit, Ladar Levison posted, “I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work by shutting down Lavabit.”

“After significant soul searching, I have decided to suspend operations,” he stated. “I wish that I could legally share with you the events that led to my decision. I cannot. I feel you deserve to know what’s going on–the first amendment is supposed to guarantee me the freedom to speak out in situations like this. Unfortunately, Congress has passed laws that say otherwise. As things currently stand, I cannot share my experiences over the last six weeks, even though I have twice made the appropriate requests.”

That suggests that Lavabit probably received a national security letter (NSL) from the Federal Bureau of Investigation (FBI). NSLs are requests by the FBI made for personal and sensitive information of users under investigation. They also are issued with an accompanying gag order to prevent companies from publicly disclosing details on investigations into users.

A district court in California in March ruled that such gag orders “significantly infringe upon speech regarding controversial government powers.”

In acknowledging the unnecessary restriction on speech, the court explicitly highlighted how this is impacting public policy by ensuring recipients cannot join “continuing public debate over NSLs.” The court noted NSLs had “spawned a series of Congressional hearings, academic commentary and press coverage.” The provisions effectively ensure recipients cannot participate in this debate. “Indeed, at oral argument,” according to the court, the company that was the plaintiff in the lawsuit “was adamant about its desire to speak publicly about the fact that it received the NSL at issue to further inform the ongoing public debate.”

Effectively, the owner of Lavabit and its staff can say nothing about any FBI requests for data on Snowden’s email account and why they are challenging the request for data.

Levison added, “What’s going to happen now? We’ve already started preparing the paperwork needed to continue to fight for the Constitution in the Fourth Circuit Court of Appeals. A favorable decision would allow me [to] resurrect Lavabit as an American company.” In other words, he is seeking to challenge the gag order imposed on Lavabit and the request for Snowden’s user data.

The request may be overly broad and expose people who communicated with Snowden to an investigation that would violate their constitutional rights to privacy. (Lavabit also could have received a search warrant instead of an NSL.)

Finally, Levison wrote, “This experience has taught me one very important lesson: without congressional action or a strong judicial precedent, I would _strongly_ recommend against anyone trusting their private data to a company with physical ties to the United States.”

This is quite a statement. It is probably an expression of the realization that no matter how much a company wants to fight that company may be powerless in the face of the government. However, some might read it and think about how US companies are overly compliant with the US government in investigations where user data is requested.

According to the Electronic Frontier Foundation, there are companies, like Sonic.net and Twitter, that have stood up to the US government on behalf of users. Sonic.net challenged a government demand for the data of Tor software developer and former WikiLeaks volunteer Jacob Appelbaum. Twitter challenged requests for user data of three individuals who worked on the release of the “Collateral Murder” video for WikiLeaks—Appelbaum, Roy Gonggrijp and Icelandic parliamentarian Birgitta Jonsdottir.

Google has proven itself capable of standing up for users as well. EFF noted the company resisted a “Justice Department subpoena for search logs in 2006,” went to court to defend the privacy of Appelbaum “whose information was sought in the WikiLeaks investigation,” and challenged an NSL in court weeks after the district court ruling in California.

This appeared to be the “first time a major communications company” had “pushed back after getting a so-called National Security Letter,” EFF told Bloomberg.

There, however, are obviously no guarantees. Companies may stick up for users. They may decide not to stick up for users.

The laws are certainly rigged to give national security or intelligence agencies the maximum ability to seize data from users for the purposes of any investigation. When companies are sent requests for data, there is only so much they can legally do, which is why Levison made such a statement at the end of the notice he posted to Lavabit’s website.

 

CommunityFDL Main BlogThe Dissenter

Email Service Snowden Was Reportedly Using Shuts Down

Update: Silent Circle follows suit.

The owner of Lavabit, an email service believed to be better focused on privacy and security for users than Gmail, has decided to shut down the service. It is notable because this is the service that former NSA contractor Edward Snowden, who blew the whistle on US government surveillance programs, was reportedly using.

When Snowden requested a meeting with human rights lawyers at the Sheremetyevo Airport in Moscow, he sent his request to organizations or groups from a Lavabit email address.

Owner and operator of Lavabit, Ladar Levison posted, “I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work by shutting down Lavabit.”

“After significant soul searching, I have decided to suspend operations,” he stated. “I wish that I could legally share with you the events that led to my decision. I cannot. I feel you deserve to know what’s going on–the first amendment is supposed to guarantee me the freedom to speak out in situations like this. Unfortunately, Congress has passed laws that say otherwise. As things currently stand, I cannot share my experiences over the last six weeks, even though I have twice made the appropriate requests.”

That suggests that Lavabit probably received a national security letter (NSL) from the Federal Bureau of Investigation (FBI). NSLs are requests by the FBI made for personal and sensitive information of users under investigation. They also are issued with an accompanying gag order to prevent companies from publicly disclosing details on investigations into users.

A district court in California in March ruled that such gag orders “significantly infringe upon speech regarding controversial government powers.”

In acknowledging the unnecessary restriction on speech, the court explicitly highlighted how this is impacting public policy by ensuring recipients cannot join “continuing public debate over NSLs.” The court noted NSLs had “spawned a series of Congressional hearings, academic commentary and press coverage.” The provisions effectively ensure recipients cannot participate in this debate. “Indeed, at oral argument,” according to the court, the company that was the plaintiff in the lawsuit “was adamant about its desire to speak publicly about the fact that it received the NSL at issue to further inform the ongoing public debate.”

Effectively, the owner of Lavabit and its staff can say nothing about any FBI requests for data on Snowden’s email account and why they are challenging the request for data.

Levison added, “What’s going to happen now? We’ve already started preparing the paperwork needed to continue to fight for the Constitution in the Fourth Circuit Court of Appeals. A favorable decision would allow me [to] resurrect Lavabit as an American company.” In other words, he is seeking to challenge the gag order imposed on Lavabit and the request for Snowden’s user data.

The request may be overly broad and expose people who communicated with Snowden to an investigation that would violate their constitutional rights to privacy. (Lavabit also could have received a search warrant instead of an NSL.)

Finally, Levison wrote, “This experience has taught me one very important lesson: without congressional action or a strong judicial precedent, I would _strongly_ recommend against anyone trusting their private data to a company with physical ties to the United States.”

This is quite a statement. It is probably an expression of the realization that no matter how much a company wants to fight that company may be powerless in the face of the government. However, some might read it and think about how US companies are overly compliant with the US government in investigations where user data is requested.

According to the Electronic Frontier Foundation, there are companies, like Sonic.net and Twitter, that have stood up to the US government on behalf of users. Sonic.net challenged a government demand for the data of Tor software developer and former WikiLeaks volunteer Jacob Appelbaum. Twitter challenged requests for user data of three individuals who worked on the release of the “Collateral Murder” video for WikiLeaks—Appelbaum, Roy Gonggrijp and Icelandic parliamentarian Birgitta Jonsdottir.

Google has proven itself capable of standing up for users as well. EFF noted the company resisted a “Justice Department subpoena for search logs in 2006,” went to court to defend the privacy of Appelbaum “whose information was sought in the WikiLeaks investigation,” and challenged an NSL in court weeks after the district court ruling in California.

This appeared to be the “first time a major communications company” had “pushed back after getting a so-called National Security Letter,” EFF told Bloomberg.

There, however, are obviously no guarantees. Companies may stick up for users. They may decide not to stick up for users.

The laws are certainly rigged to give national security or intelligence agencies the maximum ability to seize data from users for the purposes of any investigation. When companies are sent requests for data, there is only so much they can legally do, which is why Levison made such a statement at the end of the notice he posted to Lavabit’s website.

Previous post

Militant Islamist Ideology Expert Testifies No Evidence Al Qaeda Used WikiLeaks Documents to Launch Attacks

Next post

Rubio Drops Significantly in New Hampshire During Immigration Push

Kevin Gosztola

Kevin Gosztola

Kevin Gosztola is managing editor of Shadowproof. He also produces and co-hosts the weekly podcast, "Unauthorized Disclosure."

27 Comments