An important message for you from Amy Goodman

Your Donation: $
Monday, October 7, 2013 FULL SHOW | HEADLINES | PREVIOUS: Is Obamacare Enough? Without Single-Payer, Patchwork...
2013-10-07

Lavabit: How One Company Refused to Give FBI "Unrestricted" Access to Emails of 400,000 Customers

DONATE →
This is viewer supported news

In August, Lavabit became the first technology firm to shut down rather than disclose information to the U.S. government. Lavabit owner Ladar Levison closed his encrypted email company after refusing to comply with a government effort to tap his customers’ information. It has now been confirmed the FBI was targeting National Security Agency leaker Edward Snowden, who used Lavabit’s services. But Levison says that instead of just targeting Snowden, the government effectively wanted access to the accounts of 400,000 other Lavabit customers. Levison now says that since first going public he has been summoned before a grand jury, fined $10,000 for handing over encryption keys on paper instead of digitally, and threatened with arrest for speaking out. The Justice Department began targeting Labavit the day after Snowden revealed himself as the source of the NSA leaks. Levison joins us to discuss his case along with his attorney, Jesse Binnall. "What they wanted was the ability, basically, to listen to every piece of information coming in and out of my network," Levison says.

Transcript

This is a rush transcript. Copy may not be in its final form.

AMY GOODMAN: We turn now to Lavabit, the first technology firm to take the decision to shut down rather than disclose information to the federal government. In August, Lavabit owner Ladar Levison shut down his company after refusing to comply with a government effort to tap his customers’ information. Levison has now confirmed the FBI was targeting NSA leaker Edward Snowden, who used Lavabit’s services. But, he says, instead of just targeting Snowden, the government effectively wanted access to the accounts of 400,000 other Lavabit customers, forcing his decision to close. He now says that since first going public he’s been summoned before a grand jury, fined $10,000 for handing over encryption keys on paper instead of digitally, and threatened with arrest for speaking out. The Justice Department began targeting Lavabit the day after Snowden revealed himself as the source of the NSA leaks.

To talk about the case, we are joined by Ladar Levison, founder, owner and operator of the email provider Lavabit. In Washington, D.C., we’re joined by his lawyer, Jesse Binnall.

Welcome, both, to Democracy Now! It’s great to have you back, Ladar. Explain to us what happened.

LADAR LEVISON: Yeah, well, I think it’s important, just so you don’t get me in trouble, Amy, I still can’t confirm who the subject of the investigation was. That’s the one piece of information they’ve kept redacted. But—

AMY GOODMAN: You mean you can’t confirm it was Edward Snowden.

LADAR LEVISON: I can’t confirm that, no. But what I can say is that what they wanted was the ability to basically listen to every piece of information coming in and out of my network. And, effectively, what they needed were my SSL private keys. For those at home that don’t know what SSL is, it’s the little lock icon in your web browser. SSL is the technology that effectively secures all communication on the Internet, between websites, between mail servers. It secures instant messages. And it represents the identity of a business online. And they effectively wanted that from me, a very closely guarded secret, something I’ve compared to the secret formula for Coca-Cola, so that they could masquerade as me or as my business on the Internet and intercept all of the communications coming in.

AMY GOODMAN: How did they come to you?

LADAR LEVISON: They knocked on my door. They left a business card on my door sometime in May, and then we ended up linking up via email and setting up an appointment. And they came by my office, and we sat down, and I spent a couple hours explaining to them the nature of my system and the nature of my business. Now, it’s probably important to mention that, at least in May, they still didn’t know—at least the agents that approached me—who the target of the investigation was.

But I had pretty much have forgotten about it, until they came back at the end of June with their pen/trap and trace order, which is a law that’s been on the books for 40 years that allows federal law enforcement to basically put a listening device on a telephone or a network to collect meta-information. It’s just that in this case, the meta-information that they wanted was encrypted. So they wanted to peel back the encryption on everyone’s information as they were connecting to my server, just so that they could listen to this one user. But yet, at the same time, they wouldn’t provide any kind of transparency back to me to assure me that they were only collecting information on one user. And I had a real problem with that. Given the sensitivity of the information that they were asking for, and given how it would harm my reputation if I let—if they ended up violating the court order, I just didn’t feel it was appropriate to give them the access that they wanted. So I recruited Jesse, who we’ll hear from in a minute, and he’s been helping me fight that request ever since.

AMY GOODMAN: When the federal judge unsealed the documents in the case, allowing you to speak more candidly—let me ask Jesse Binnall this question—why did the judge do that?

JESSE BINNALL: Well, actually, the order unsealing the case is still at least partially under seal, but what we can say is that we had made a motion—actually, two motions—one Ladar made himself before I was even involved in the case—to unseal this case and to get rid of the nondisclosure obligations on Ladar over a month ago. And now that there’s an appeal pending in the Fourth Circuit, the court has finally lifted the majority of the privacy and the sealed nature of the case, and so we can finally talk about the record of everything that Ladar did go through now.

AMY GOODMAN: And so, what is happening right now, Jesse Binnall? Where does this case stand?

JESSE BINNALL: Well, right now we actually still have some legal issues pending at various stages of the process, but the majority of what’s going on right now is there’s an appeal that has been noted in the Fourth Circuit Court of Appeals, and there’s a brief that will be filed by Ladar’s legal team here within the next few days outlining our position on why the actions taken by the government are both unconstitutional and violate statute.

AMY GOODMAN: What exactly is at stake, Jesse Binnall?

JESSE BINNALL: What’s at stake is the privacy issues of all Americans when they deal with communications by methods like email, when there’s a third party involved, like Ladar’s is a third party that facilitates people’s communications, and whether the Fourth Amendment protects those communications.

LADAR LEVISON: Amy—

JESSE BINNALL: The Fourth Amendment was—

LADAR LEVISON: I was just going to say, Jesse, I think what’s important to highlight here is that what’s at stake is trust, trust on the Internet.

JESSE BINNALL: Absolutely, yes.

LADAR LEVISON: Can you trust—when you’re connected to PayPal, can you trust your browser to actually be communicating with PayPal or your bank, or is somebody in the middle? And these private keys that they were demanding are the technological mechanism for guaranteeing that trust. And by removing our ability to protect them, they’re effectively violating that—forcing us to violate that trust.

AMY GOODMAN: I asked you when you came on the show before, Ladar, if you had received a national security letter, and you said you couldn’t say. National security letter, thousands of Americans have received, and they face up to five years in prison if they even reveal that information to someone close to them, that demands they give out information. Can you say now? An NSL?

LADAR LEVISON: There’s more than one issue at play here. I think that it’s important to highlight that there are still things that I can’t talk about, but that the most important thing, at least in my opinion, that I really wanted to talk about was this demand for the SSL key, and that has been unsealed. I decided very early on in this battle that I could live with turning over the keys if I could also tell people what was going on. How do you fight a law you can’t tell anybody that it exists? How do you go to Congress without being able to relate what your story is and how their laws affected you? That’s effectively how a democracy works, and they were handicapping it by restraining my speech.

AMY GOODMAN: What has your company done differently, what have you done differently—you own the company—than other companies to protect the security of your users?

LADAR LEVISON: Well, just because of my background in information security, I took a very serious approach when I designed and architected the system to effectively minimize its number of vulnerabilities. You know, I’ve spent a lot of time working with information technology in the financial services sector, so I was using the same types of protocols and procedures that a lot of banks use to protect information. And as a result, the information that they wanted to collect was not being passed around in unencrypted form. So there was no place for them to intercept it. And that was one of the big differentiators between, for example, my service and a lot of other services that they may or may not have approached. My system was effectively too secure to be tapped any other way.

AMY GOODMAN: Let me ask you about another issue. The National Security Agency, the NSA, has made repeated attempts to develop a tax against people using Tor, a—that’s T-O-R—a popular tool designed to protect online anonymity despite the fact the software is primarily funded and promoted by the U.S. government itself. That, I’m reading, from a recent Guardian piece. Ladar?

LADAR LEVISON: Mm-hmm, no, that’s absolutely correct. Tor was sponsored originally by the U.S. government to allow people in countries like China, that were firewalled off from the rest of the world, to access the Internet freely. And it’s actually designed to resist attempts by governments to uncover the identity of whoever is using the network. And to my knowledge, the network itself has actually been able to resist any attempts by the U.S. government to, you know, uncover the identity of users. But what they—what the government has been doing is basically following a practice of taking over websites on the Tor network and then using them, the hijacked websites, to install malware on visitors’ computers, and then using that malware to submit the actual IP or location of a person back to a server in Virginia, where the FBI is located. I don’t necessarily have a real philosophical problem with them taking down websites that, you know, for example, promote child pornography, or otherwise facilitate the trade of illegal goods and services, but I do still have a philosophical problem with their practice of remotely loading malware onto people’s computers without any kind of restriction, restraint or oversight.

AMY GOODMAN: Do you face imprisonment?

LADAR LEVISON: If I say little bit too much, I think I still could. I think one of the big reasons I’m not in prison now is all of the media attention.

AMY GOODMAN: What are your plans now? Are you going to restart Lavabit? Do you feel you have to go overseas to do this?

LADAR LEVISON: I feel if I did go overseas, I could run the service. But I’m not ready to give up on America yet. I think I have effectively come to the decision that I’m going to wait and see how the court case plays out. If Jesse and myself end up winning, I’ll be able to reopen Lavabit here in the U.S. If I lose, I will probably end up turning over the service to somebody abroad and let them run it, so that I can stay here in America, and I’ll move onto something else.

AMY GOODMAN: You were willing to hand over if it was just one person. Let’s say it was Edward Snowden.

LADAR LEVISON: Mm-hmm.

AMY GOODMAN: What is the distinction you make?

LADAR LEVISON: The distinction is access. What they wanted was unrestricted, unaudited access to everyone’s communications. And that was something I was uncomfortable with. And if the summer of Snowden has taught us anything, it’s that we can’t trust our own government with access to information they shouldn’t have access to.

AMY GOODMAN: What are you doing now to protect yourself? We just have 20 seconds.

LADAR LEVISON: Talking to you, trying to raise money through Lavabit.com and rally.org to help fight the case, and speaking out and hoping that somebody who has the ability to make a difference hears me.

AMY GOODMAN: Have other email providers come to you to—are others going to be speaking out?

LADAR LEVISON: I don’t know. I hope so. I think the big ones are doing everything they can, but they face a number of restrictions on their speech that really prevent them from saying what’s really going on, just like I faced up until recently.

AMY GOODMAN: Ladar, I want to thank you for being with us. Ladar Levison, founder, owner, operator of Lavabit. Jesse Binnall is his lawyer and the lawyer for Lavabit.

Show Full Transcript ›
‹ Hide Full Transcript

Creative Commons License The original content of this program is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 United States License. Please attribute legal copies of this work to democracynow.org. Some of the work(s) that this program incorporates, however, may be separately licensed. For further information or additional permissions, contact us.