In oral arguments heard on Tuesday, Lavabit and federal prosecutors each presented their cases in front of a three-judge panel at the Fourth US Circuit Court of Appeals in Richmond, Virginia. The case is an appeal of contempt-of-court charges against Lavabit, a now-defunct e-mail hosting service that once offered secure communication.
In the summer of 2013, Lavabit was ordered to provide real-time e-mail monitoring of one of its users, widely believed to be Edward Snowden, the former NSA contractor-turned-leaker. When Lavabit told the feds that the only way it could hand over communications was through an internal process that would deliver results 60 days after any communication was sent, the authorities returned with a search warrant for Lavabit's SSL keys, which could decrypt the traffic of all of Lavabit's users. Ladar Levison, the CEO of Lavabit, handed over the SSL keys but then shut down his 10-year-old business rather than expose all of Lavabit's users.
The first report of the appeals argument from PC World suggests that while Levison may be a hero with privacy advocates, he's going to have a tougher time convincing the judges on the appeals court. The case was “blown out of proportion with all these contentions” of what the FBI would do with the SSL keys, said US Circuit Judge Paul Niemeyer. "There’s such a willingness to believe” that the keys will be misused and that "the government will spy on everyone,” he said.
“Attorneys from both Lavabit and the US government agreed that the legal issues between them could have been resolved before heading to court, though neither party seemed to have an adequate technical answer of how Lavabit could have successfully passed unencrypted data to a law enforcement agency in order to meet the government’s demands,” wrote PC World's Joab Jackson.
The issue at hand wasn't whether the government should be able to demand SSL keys, but simply whether Lavabit had properly complied with the lower court's orders or not. “[US Circuit Judge Roger] Gregory had stated that 'the encryption issue was a red herring,' one that drew attention away from Lavabit’s non-compliance.”
Niemeyer also suggested that Levison took too long in responding to the initial order for e-mail surveillance. The delays left the government no choice but to demand the SSL keys.
“[US Attorney Andrew] Peterson argued on behalf of the government that the court order for the SSL keys had only been issued after it was obvious 'that any trust between Lavabit and the government had broken down,' by mid-July,” PCWorld reports. “The company had treated the court orders 'like contract negotiations,' he said, rather than as a legal requirement. Trust had also been eroded by the long periods of silence from Lavabit.”
Government lawyers also said they have no plans to sue Lavabit for obstruction of justice for shutting down the service.
With the appeal arguments now fully submitted, the court could rule at any time.
reader comments
175