Future Tense

Snowden’s Email Provider Hints Abrupt Shutdown About Protecting Thousands of Users’ Privacy

Last week, the privacy-focused email provider used by NSA leaker Edward Snowden abruptly closed down, issuing a cryptically-worded statement about government interference. Now, the provider’s founder has offered some more insight into the decision.

In an interview with CNET on Friday, Lavabit’s Ladar Levison answered a series of questions about why he took the extraordinary step of suddenly shutting down email access for its more than 410,000 users. Levison, who appears to be under some sort of secret surveillance gag order, is unable to reveal specific details. However, he told CNET that the shutdown “wasn’t about protecting a single user, but protecting the privacy of all my users.” And he also added that it had “become clear” that there were “no protections in our current body of law to keep the government from compelling us to provide the information necessary to decrypt” communications.

Lavabit had offered its users the ability to store their emails using strong encryption, and before the closure, the Texas-based company had boasted on its website that “once a message is stored on our servers in this [encrypted] fashion, it can’t be recovered without knowing a user’s password.” It appears likely that, as Levison hints in the CNET interview, Lavabit was served with some sort of secret order demanding that it make encrypted emails accessible to the government. And it seems clear that the order had sweeping ramifications for Lavabit as a service, as opposed to being about fighting surveillance of a single user, like Snowden. Levison says in the interview that Lavabit had received “a couple of dozen court orders served to us over the past 10 years, but they’ve never crossed the line.” He added that “crossing the line” would mean “to violate the privacy of all of my users,” saying that he would “rather shut down my service and my primary source of income than be complicit in crimes against the American people.”

There remain a number of unanswered questions about the incident. In particular: When and why did the government start going after Lavabit? Levison has said that the debacle began about six weeks ago, which was shortly before it was publicly disclosed that Snowden was using the service to communicate with human rights groups. It is possible that the government’s targeting of Lavabit was linked to Snowden—either directly or indirectly—though we can only speculate until further information is made available. Levison has said that he intends to fight the government over its apparent surveillance demands and is taking up a case in the Fourth Circuit Court of Appeals.

Incidentally, shortly after Lavabit announced its closure last week, another encrypted email provider abruptly shut down. Silent Circle, headquartered in Washington, D.C., said in a blog post that it had decided to take pre-emptive action because the Lavabit development had shown how encrypted email could not remain secure. “We wanted to be proactive because we knew [the U.S. government] would come after us due to the sheer amount of people who use us,” Mike Janke, Silent Circle’s CEO, told TechCrunch. The company will continue to offer its peer-to-peer encrypted text and phone apps, but “email is broken,” according to Janke.