Amy Davidson writes: Not every suspension-of-service notice for an e-mail company comes with a link to a legal-defense fund. Ladar Levison, the owner and operator of Lavabit, whose clients, reportedly, have included Edward Snowden, made it sound today as though he could use the help. “I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work by shutting down Lavabit,” Levison wrote in a note posted on his site.
I wish that I could legally share with you the events that led to my decision. I cannot. I feel you deserve to know what’s going on—the first amendment is supposed to guarantee me the freedom to speak out in situations like this. Unfortunately, Congress has passed laws that say otherwise. As things currently stand, I cannot share my experiences over the last six weeks, even though I have twice made the appropriate requests.
As Kevin Poulsen and others have pointed out, our collective experience has prepared us to guess what is going on here: Levison got either a national-security letter “or a full blown search or eavesdropping warrant.” In the weeks since the Guardian and Washington Post first began publishing stories with Snowden’s documents, the picture of the National Security Agency’s domestic-surveillance practices that’s come together is different from the one most everyone held before we’d ever heard Snowden’s name. And it has left the Administration’s explanations of what it does and doesn’t do looking pretty spotty, and at times just false.
Rebecca Greenfield adds: Because of the type of encryption Lavabit uses, peer-to-peer, even if the government intercepted Snowden’s emails sent using Lavabit, it wouldn’t be able to read them without his encryption key. If the NSA was only after those old emails, shutting down Lavabit wouldn’t do them much good anyway. But if the government demanded that Lavabit install a method for monitoring its users communications, as in an ongoing data collection program like PRISM, shutting down would be a drastic-but-effective way to avoid participation. So far, only one company is known to have challenegd a FISA order of that kind: Yahoo, and it lost.
If Lavabit doesn’t exist, then the NSA can’t monitor it. Of course, that just means Snowden will have to find another ultra-secure email provider. Maybe he should consider a company with zero American ties, per Levison’s urging:
This experience has taught me one very important lesson: without congressional action or a strong judicial precedent, I would strongly recommend against anyone trusting their private data to a company with physical ties to the United States.