I’m going to continue fighting for a strong precedent via the court system – Lavabit owner
He abruptly shut down his company, Lavabit LLC, on August 8 to avoid being forced to hand over customers’ personal information and communications.
“I’m going to keep standing on my soapbox and shouting as loudly as I can for as long as people will listen. My biggest fear when I shut down the service was that nobody would notice, nobody would care and my biggest hope was that when I shut down the service it
would lead to some positive change. I’m going to continue fighting for a strong precedent via the court system and I’m going to continue to lobby Congress for change in the laws,” he said.
Levison was issued a secret federal court order that he is legally barred from detailing, though experts believe the order to be a sealed subpoena or national security letter which demands he cooperate with an investigation related to Snowden.
He fears a bleak future for secure-data services like Lavabit should US government surveillance and strong-arming of American companies continue.
Levison said he hopes his case can help set such a legal precedent. In the meantime, he is entertaining the possibility of moving his service overseas, though he is not yet confident such an arrangement could achieve security for his customers free of US spying.
“As an American, if I were to continue running the service even if it was physically based in another country, I could still be required to compromise the security of that system and I could literally be put in a position where I’m forced to choose between breaking the laws of the country in which the service is hosted or breaking the laws of the United States,” he said.
Levison said last week he believes he could face criminal charges for refusing to comply with the secret order.
He said he thinks the American public has a right to know what the government’s doing and how it’s collecting information on its own citizens.
“If I had continued to operate, I felt like it would have put me in an ethically-compromising position.”
Most email services, such as Gmail, Yahoo and Hotmail are not encrypted and could be exposed to possible scrutiny from either the service providers or anyone who can twist the arm of these providers, such as the government.
Such was the case for the 32-year-old Lavabit founder Ladar Levison who was faced with a tough decision of whether he should reveal information or shut down his private email encryption website. Levison chose to protect his users.
“For me this wasn’t about protecting the privacy of a single person. Lavabit has received over two dozen requests for information from the Government over its ten-year history.
And we never had a problem turning over the information that we had. It is only recently that the climate has changed and I was forced to decide how I would protect the privacy of all my users.”
Private email encryption services, such as Lavabit and Silent Circle, work by allowing users to encrypt their emails which can then be accessed and decoded by a password. However, these companies could be asked to give up their passwords, which could jeopardize the information of its users.
Co-founder of Silent Circle Phil Zimmermann also shuttered his email service in order to protect his users, because he was afraid of being forced to give up private information.
“If somebody came in and twisted our arm under a court order, we could give up the keys, we would be forced to give up the keys. And we didn’t like to be in that position.”
Zimmermann also notes that even encrypted information is not completely protected because other parts of the email, such as the sender’s name or headers are still exposed in the email.
“Even an encrypted email has that part of it exposed – the mail headers that say who it is from, who it is to, maybe the subject matter of the email. That part of the email does not get encrypted, even when you have encrypted the email.”
Micah Lee from the Electronic Frontier Foundation says that encryption works. The problem is that people are still able to hack onto the computers and take the passwords or keys to decode encrypted information. Quoting NSA leaker Edward Snowden, Lee says that the problem is at the endpoints and not the actual encrypted material.
“However, endpoint security is terrifically weak. By endpoint security he is talking about the security of computers that are doing the encryption and the decryption. So, maybe you saved yourself up with PGP and you start sending encrypted emails to people, and the CSA can’t read those encrypted emails in transit. However, it is totally possible that the NSA could just hack into your computer and install malware on your computer, like a keylogger. And then they can see the email, how do you typing it in before you even encrypted. So, they can just get around the encryption through other ways.”
On the other hand, Zimmermann notes that there are better ways to secure communications than emailing.
“Email is not the most secure way to communicate. If you want to communicate more securely, you can send your written messages by using an encrypted text-messaging service, like ours, that doesn’t share the keys with the server.”
Levison says that he has become frustrated that the Government has applied laws in secret and continues to violate the rights of American citizens.
“The privacy rights of Americans are still being violated, and with impunity. It is embarrassing to see just edacious our Government has gotten in their requests for information from companies like mine.”
Zimmermann agrees and says that it is time to push back and develop more policies that protect the American public.
“This is Government’s overreach. We have to try to change the laws. We have to try to push back and try to recover the privacy that we had before.”
Lee says that maybe the best solution now is the streamline data encryption allowing all users to easily encrypt and decode information.
Voice of Russia, RT