When Government Demanded Lavabit

Before he was famous as the man who shut down his email service rather than “become complicit in crimes against the American people,” Lavabit owner Ladar Levison was a businessman whose company faced an existential threat from the United States Government—because he was trying to provide private email.

This week, a federal court unsealed documents that make the issues in the case clearer.

The government was trying to get access to information about one Lavabit account, widely believed to be that of NSA whistleblower Edward Snowden . (In the newly released documents, the target’s identity is redacted.) The information the government told Levison and the courts it was after was metadata on one user’s emails—to and from addresses and such, but not message contents. But in order to get at that information, the government demanded that Levison surrender encryption keys that would give it access to the metadata and the content of every message sent to or from any Lavabit user. It’s as if the government, wishing to learn the names of visitors to one apartment in a large complex, demanded to set up an airport-style nude scanner in the building’s front door—and this in a building that earned its tenants’ business by promising opaque windows and thick walls to protect their privacy.

The government promised to use a device that, while scanning every byte traveling to or from Lavabit’s server, would only actually tell officials the target’s metadata. That’s like promising to program the pornoscanner to report nothing but the names of the target apartment’s visitors.

Since the whole point of Lavabit—the reason customers were paying for Levison’s service instead of getting free email from, say, Google —was that Lavabit provided better privacy protections, compromising the security of the Lavabit system undermined the company’s core service. But the government never took that as a serious concern. Remarkably, even though one of the issues in the case was that the government wanted to ban Levison from disclosing what the government was doing to him and his customers, the government never (so far as the documents show) even made the argument that the secrecy would actually protect Lavabit by preventing its customers from knowing that Lavabit had become less secure. Nor did it offer to keep its scanning secret permanently, in order to protect Lavabit even when the government wanted to reveal its investigation.

Of course, for Levison to pretend to have a more secure email system than he did would have been to deceive his customers into buying his service—to defraud them. The fact that he fought to be able to say what he was being forced to do shows his honesty: he wanted to present his product accurately, even though some customers might judge his product inadequately secure.

Lavabit’s purpose was to secure its customers’ email; the federal government’s proper purpose is to secure its citizens’ rights . But where Levison struggled to be open about how well he was fulfilling his company’s purpose, the government fights for secrecy—not just as to the Lavabit case, but in a wide range of criminal and “national security” investigations, and even as to wide-ranging monitoring programs. That makes it hard for us to judge the government’s performance—and especially hard for us to judge the extent to which the government achieves the opposite of its proper purpose. Indeed, so long as its secrecy itself is secret, the government can deceive us into thinking we are safer than we are, especially from its own violations of our rights. Even if you don’t think the government’s privacy violations are a crime against the American people, at some point keeping them secret begins to resemble fraud.

‍