5 Things You Should Know About Lavabit: Edward Snowden, Encrypted Email And The NSA

  on

Lavabit, the encrypted email service used by Edward Snowden to contact journalists in June, has shut down. Creator Ladar Levison said in a message posted on Lavabit's website this week that he was under a gag order and could not discuss this situation.

“I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly 10 years of hard work by shutting down Lavabit,” Levison wrote.

Lavabit began offering encrypted email services in the wake of privacy concerns created by Google’s Gmail. It was developed by Texas-based programmers in 2004, and claimed a user base of 350,000. Snowden reportedly used the email address edsnowden@lavabit.com to email reporters confidential NSA information in June.

Here are five points to make about this latest striking development in the NSA saga:

1) The NSA is not merely collecting data on Americans in direct contact with foreign suspects.

The NSA is searching the content of “Americans’ e-mail and text communications into and out of the country,” not just those in direct contact with specific foreigners targeted overseas, the New York Times reported on Thursday. Americans who mention information related to foreigners already under scrutiny by the NSA are subjected to systematic searches by the NSA, without a warrant.

2) Lavabit has complied with federal requests in the past.

Lavabit complied with a federal search warrant targeting a child pornography suspect in June, according to Wired. Therefore, Levison is not necessarily taking action purely out of concern for customer privacy when it comes to legal requests. The Lavabit shutdown appears to be done in protest of the NSA’s secret wiretapping programs.

3) Creator Ladar Levison cannot explain Lavabit’s shutdown.

Levison does not say in his post why Lavabit has shut down, but it is probably due to the scandal around Snowden’s release of confidential NSA documents revealing such pervasive monitoring programs as PRISM, Boundless Informant and Xkeyscore (and perhaps others yet to be revealed).

“I feel you deserve to know what’s going on -- the First Amendment is supposed to guarantee me the freedom to speak out in situations like this,” Levison wrote on the site. “Unfortunately, Congress has passed laws that say otherwise.”

Levison says Lavabit will “suspend operations” and fight “for the Constitution in the Fourth Circuit Court of Appeals.” He does not rule out a comeback for the email service, although he says the experience taught him an important lesson: “(W)ithout congressional action or a strong judicial precedent, I would _strongly_ recommend against anyone trusting their private data to a company with physical ties to the United States.”

4) Lavabit is the first service to close down rather than comply with the U.S. government ...

Whereas Verizon, Google, Microsoft, Yahoo and a host of other online services have been cooperating with the FISA court when commanded to, Lavabit’s shutdown is the first scenario where a service has completely closed operations rather than comply with the federal government.

5) … but it is not the last.

Silent Circle, a company offering encrypted communications across phone, text, and email, also has suspended its encrypted email program, the Washington Post reported Friday. The company explained in a blog post that while phone, text and VoIP services were “designed to be end-to-end secure,” the nature of email technically does not allow a provider to completely wipe out the collection of metadata from its clients.

“Email that uses standard Internet protocols cannot have the same security guarantees that real-time communications has,” Silent Circle said in a statement. “There are far too many leaks of information and metadata intrinsically in the email protocols themselves. Email as we know it with SMTP, POP3, and IMAP cannot be secure.”

Follow Thomas Halleck on Twitter

Join the Discussion