Michael Phillips writes: In mid-July, Tanya Lokshina, the deputy director for Human Rights Watch’s Moscow office, wrote on her Facebook wall that she had received an e-mail from edsnowden@lavabit.com. It requested that she attend a press conference at Moscow’s Sheremetyevo International Airport to discuss the N.S.A. leaker’s “situation.” This was the wider public’s introduction to Lavabit, an e-mail service prized for its security. Lavabit promised, for instance, that messages stored on the service using asymmetric encryption, which encrypts incoming e-mails before they’re saved on Lavabit’s servers, could not even be read by Lavabit itself.

Yesterday, Lavabit went dark. In a cryptic statement posted on the Web site, the service’s owner and operator, Ladar Levison, wrote, “I cannot share my experiences over the last six weeks, even though I have twice made the appropriate requests.” Those experiences led him to shut down the service rather than, as he put it, “become complicit in crimes against the American people.” Lavabit users reacted with consumer vitriol on the company’s Facebook page (“What about our emails?”), but the tide quickly turned toward government critique. By the end of the night, a similar service, Silent Circle, also shut down its encrypted e-mail product, calling the Lavabit affair the “writing [on] the wall.”

Which secret surveillance scheme is involved in the Lavabit case? The company may have received a national-security letter, which is a demand issued by a federal agency (typically the F.B.I.) that the recipient turn over data about other individuals. These letters often forbid recipients from discussing it with anyone. Another possibility is that the Foreign Intelligence Surveillance Court may have issued a warrant ordering Lavabit to participate in ongoing e-mail surveillance. We can’t be completely sure: as Judge Reggie Walton, the presiding judge of the FISA court, explained to Senator Patrick Leahy in a letter dated July 29th, FISA proceedings, decisions, and legal rationales are typically secret. America’s surveillance programs are secret, as are the court proceedings that enable them and the legal rationales that justify them; informed dissents, like those by Levison or Senator Ron Wyden, must be kept secret. The reasons for all this secrecy are also secret. That some of the secrets are out has not deterred the Obama Administration from prosecuting leakers under the Espionage Act for disclosure of classified information. Call it meta-secrecy. [Continue reading…]

The New York Times Editorial Board: It was bad enough in 2008 when Congress allowed the agency to spy without a warrant on e-mails and text messages between Americans and foreign targets of an investigation. That already strained the Fourth Amendment’s protections against illegal searches, but lawmakers decided it was justified as part of a terror investigation.

It turns out, as Charlie Savage revealed in The Times on Thursday, that the N.S.A. went far beyond those boundaries. Instead, it copies virtually all overseas messages that Americans send or receive, then scans them to see if they contain any references to people or subjects the agency thinks might have a link to terrorists.

That could very well include innocent communications between family members expressing fears of a terror attack. Or messages between an editor and a reporter who is covering international security issues. Or the privileged conversation between a lawyer and a client who is being investigated.

Data collection on this scale goes far beyond what Congress authorized, and it clearly shreds a common-sense understanding of the Fourth Amendment. It’s as if the government were telling its citizens not to even talk about security issues in private messages or else they will come to the attention of the nation’s spies. “By injecting the N.S.A. into virtually every crossborder interaction, the U.S. government will forever alter what has always been an open exchange of ideas,” said Jameel Jaffer, the deputy legal director of the American Civil Liberties Union.

Obama administration officials justified this unwarranted expansion of surveillance powers with the usual hairsplitting arguments over semantics. It’s not “bulk collection” of messages if the messages aren’t stored, they said (even if every message is analyzed by supercomputers as it is sent). It’s legitimate to search through conversations “about” a target, even if the target isn’t part of the conversation. Naturally, the Foreign Intelligence Surveillance Court approved these half-baked assertions with a secret opinion.

The disclosure of this practice makes it more urgent than ever that Congress clamp down on what is unquestionably the bulk collection of American communications and restrict it to clear targets of an investigation. Despite President Obama’s claim this week that “there is no spying on Americans,” the evidence shows that such spying is greater than the public ever knew.

IDG News Service reports: Silent Circle also shuttered its encrypted email service a few hours after Lavabit shut down citing an ongoing legal battle.

“We see the writing the wall, and we have decided that it is best for us to shut down Silent Mail now,” Silent Circle wrote in a blog post on Friday in reference to the closure by Lavabit.

The company, with U.S. headquarters in Maryland, said it had not received subpoenas, warrants, security letters, or anything else from any government, and “this is why we are acting now.”

The closure of Lavabit and Silent Circle reflect concern among email providers about government orders for customer data under the U.S. Foreign Intelligence Surveillance Act. Most of these come in the form of “gag orders” that prohibit the service providers from discussing in public the orders for disclosure of customer data. [Continue reading…]

Electronic Frontier Foundation: An important New York Times investigation from today [Thursday] reporting that the NSA “is searching the contents of vast amounts of Americans’ e-mail and text communications into and out of the country,” coupled with leaked documents published by the Guardian, seriously calls into question the accuracy of crucial statements made by government officials about NSA surveillance.

The government has previously tried to reassure the public about its use of FISA Amendments Act Section 702 surveillance practices, emphasizing that, under Section 702, the government may not “intentionally target any U.S. citizen, any other U.S. person, or anyone located within the United States.” Indeed, the chair of the Senate Intelligence Committee Senator Feinstein, in a letter to constituents who wrote to her expressing concern about the NSA’s spying program, said this: “[T]he government cannot listen to an American’s telephone calls or read their emails without a court warrant issued upon a showing of probable cause.”

We’ve written before about the word games the government plays in describing its surveillance practices: “acquire,” “collect,” and “content” are all old government favorites. The New York Times report proves Feinstein statement is false, and it’s clear it’s time to add “target” to the list of word games as well.

First, at least this much is clear: a “target” under the FAA must be (a) a non-US person and (b) not physically located within the United States. A “person,” for purposes of the FAA, includes individuals as well as “any group, entity, association, corporation, or foreign power.” Under the FAA, the government can thus “target” a single individual (e.g., Vladimir Putin), a small group of people (e.g., Pussy Riot), or a formal corporation or entity (e.g., Gazprom).

So, when the NSA decides to “target” someone (or something), it turns its specific surveillance vacuum at them. The NSA then believes it can intercept and analyze all electronic communications of the target (telephone conversations, email conversations, chat, web browsing, etc) so long as the “target” is overseas and remains overseas. As others have noted, this includes conversations the “target” has with Americans, which would then be “incidentally” collected. Keep in mind this does not require a warrant or even the approval of a court, which is only one way Senator Feinstein’s reassurance was demonstrably false. But there’s still more. [Continue reading…]

Amy Davidson writes: Not every suspension-of-service notice for an e-mail company comes with a link to a legal-defense fund. Ladar Levison, the owner and operator of Lavabit, whose clients, reportedly, have included Edward Snowden, made it sound today as though he could use the help. “I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work by shutting down Lavabit,” Levison wrote in a note posted on his site.

I wish that I could legally share with you the events that led to my decision. I cannot. I feel you deserve to know what’s going on—the first amendment is supposed to guarantee me the freedom to speak out in situations like this. Unfortunately, Congress has passed laws that say otherwise. As things currently stand, I cannot share my experiences over the last six weeks, even though I have twice made the appropriate requests.

As Kevin Poulsen and others have pointed out, our collective experience has prepared us to guess what is going on here: Levison got either a national-security letter “or a full blown search or eavesdropping warrant.” In the weeks since the Guardian and Washington Post first began publishing stories with Snowden’s documents, the picture of the National Security Agency’s domestic-surveillance practices that’s come together is different from the one most everyone held before we’d ever heard Snowden’s name. And it has left the Administration’s explanations of what it does and doesn’t do looking pretty spotty, and at times just false.

Rebecca Greenfield adds: Because of the type of encryption Lavabit uses, peer-to-peer, even if the government intercepted Snowden’s emails sent using Lavabit, it wouldn’t be able to read them without his encryption key. If the NSA was only after those old emails, shutting down Lavabit wouldn’t do them much good anyway. But if the government demanded that Lavabit install a method for monitoring its users communications, as in an ongoing data collection program like PRISM, shutting down would be a drastic-but-effective way to avoid participation. So far, only one company is known to have challenegd a FISA order of that kind: Yahoo, and it lost.

If Lavabit doesn’t exist, then the NSA can’t monitor it. Of course, that just means Snowden will have to find another ultra-secure email provider. Maybe he should consider a company with zero American ties, per Levison’s urging:

This experience has taught me one very important lesson: without congressional action or a strong judicial precedent, I would strongly recommend against anyone trusting their private data to a company with physical ties to the United States.

The New York Times reports: The National Security Agency is searching the contents of vast amounts of Americans’ e-mail and text communications into and out of the country, hunting for people who mention information about foreigners under surveillance, according to intelligence officials.

The N.S.A. is not just intercepting the communications of Americans who are in direct contact with foreigners targeted overseas, a practice that government officials have openly acknowledged. It is also casting a far wider net for people who cite information linked to those foreigners, like a little used e-mail address, according to a senior intelligence official.

While it has long been known that the agency conducts extensive computer searches of data it vacuums up overseas, that it is systematically searching — without warrants — through the contents of Americans’ communications that cross the border reveals more about the scale of its secret operations.

It also adds another element to the unfolding debate, provoked by the disclosures of Edward J. Snowden, the former N.S.A. contractor, about whether the agency has infringed on Americans’ privacy as it scoops up e-mails and phone data in its quest to ferret out foreign intelligence. [Continue reading…]

Reuters reports: Details of a U.S. Drug Enforcement Administration program that feeds tips to federal agents and then instructs them to alter the investigative trail were published in a manual used by agents of the Internal Revenue Service for two years.

The practice of recreating the investigative trail, highly criticized by former prosecutors and defense lawyers after Reuters reported it this week, is now under review by the Justice Department. Two high-profile Republicans have also raised questions about the procedure.

A 350-word entry in the Internal Revenue Manual instructed agents of the U.S. tax agency to omit any reference to tips supplied by the DEA’s Special Operations Division, especially from affidavits, court proceedings or investigative files. The entry was published and posted online in 2005 and 2006, and was removed in early 2007. The IRS is among two dozen arms of the government working with the Special Operations Division, including the Federal Bureau of Investigation, the National Security Agency and the Central Intelligence Agency.

An IRS spokesman had no comment on the entry or on why it was removed from the manual. Reuters recovered the previous editions from the archives of the Westlaw legal database, which is owned by Thomson Reuters Corp, the parent of this news agency.

As Reuters reported Monday, the Special Operations Division of the DEA funnels information from overseas NSA intercepts, domestic wiretaps, informants and a large DEA database of telephone records to authorities nationwide to help them launch criminal investigations of Americans. The DEA phone database is distinct from a NSA database disclosed by former NSA contractor Edward Snowden.

Monday’s Reuters report cited internal government documents that show that law enforcement agents have been trained to conceal how such investigations truly begin – to “recreate” the investigative trail to effectively cover up the original source of the information.

DEA officials said the practice is legal and has been in near-daily use since the 1990s. They have said that its purpose is to protect sources and methods, not to withhold evidence.

Defense attorneys and some former judges and prosecutors say that systematically hiding potential evidence from defendants violates the U.S. Constitution. [Continue reading…]