Lavabit Case Shows Why We Need Tech Literate Judges

from the a-failure-of-knowledge dept

While there’s plenty of attention being paid to Lavabit’s temporary re-opening for the sake of letting people export their accounts, a much more interesting issue is the recent development in the legal case. Lavabit has filed its latest brief, and there are some interesting discussions about the details of the case. From my reading, Lavabit makes a very strong argument that the government has no right to demand the production of Lavabit’s private SSL keys, as it’s an overreach way beyond what traditional wiretapping laws allow. Lawyer Orin Kerr’s analysis argues that Lavabit’s case is weak, mainly arguing that the federal government can subpoena whatever the hell they want, and just because it conflicts with your business model: too bad. Lavabit argues that complying with the government’s order is oppressive because it would effectively mean it would be committing fraud on all its customers:

[T]o comply with the government’s subpoena would have either required Lavabit to perpetrate a fraud on its customer base or shut down entirely. That is the key point, and the resulting harm goes far beyond a mere inconvenient search for records. Just as requiring a hotel owner to install glass doors on all its hotel rooms would destroy the hotel’s business, Lavabit cannot exist as an honest company if the government is entitled to take this sort of information in secret. Its relationship with its customers and business partners depends on an assurance that it will not secretly enable the government to monitor all of their communications at all times. If a mere grand jury subpoena can be used to get around that (in secret, no less), then no business—anywhere—can credibly offer its customers a secure email service.

But Kerr points out that this is a “really weak argument”:

This strikes me as a really weak argument. Lavabit is essentially claiming that its anti-government business model trumps the subpoena power. That is, it is arguing that the subpoena is “oppressive” precisely because it would work: It would allow the government to conduct the surveillance it is allowed to conduct under the Pen Register statute.

Further, Kerr argues that to accept Lavabit’s argument would mean that any company that announces an “ideology or business strategy” that opposes government surveillance could then resist legitimate government subpoenas simply by arguing that they are oppressive and abusive.

I respect Kerr and always look forward to his legal analysis, but I think he’s wrong on a variety of levels here, and, tragically, the judge in the case seems to have the same confused view of what Lavabit is actually arguing (though, one could argue, that is actually the fault of Lavabit in not making its case clearly). Lawyer Scott Greenfield does a good job explaining why Kerr has mischaracterized Lavabit’s defense — first noting that being pro-privacy is hardly being “anti-government” as Kerr implies, then pointing out that Lavabit’s argument isn’t that the government’s demand for its private keys was oppressive merely because of its business model, but because it would put Lavabit out of business — which is not the same thing.

This isn’t really a fair characterization of Lavabit’s point. Initially, the argument is that revelation of the private key would be the ruination of the business. By exposing every customer to government disclosure, and covert disclosure at that, the government would take a viable business, making money and delivering a service as businesses are allowed to do in America, and destroy it. Poof, company gone. Business gone. Revenue gone. Wham, bam, thank you, Ladar.

But there’s an even bigger point in here, which I think Kerr misses entirely, and Greenfield skips over: from a technology standpoint, what the government is demanding of Lavabit is absolutely oppressive and abusive. And, for that, it helps to look at Ed Felten’s discussion of the case, in which he notes that the judge and other DOJ supporters in this case (including, it would seem, Kerr) are basically arguing that “If court orders are legitimate, why should we allow engineers to design services that protect users against court-ordered access.” But Felten points out that requiring “court ordered access” is tantamount to requiring a massive vulnerability to insider attacks:

To see why, consider two companies, which we’ll call Lavabit and Guavabit. At Lavabit, an employee, on receiving a court order, copies user data and gives it to an outside party—in this case, the government. Meanwhile, over at Guavabit, an employee, on receiving a bribe or extortion threat from a drug cartel, copies user data and gives it to an outside party—in this case, the drug cartel.

From a purely technological standpoint, these two scenarios are exactly the same: an employee copies user data and gives it to an outside party. Only two things are different: the employee’s motivation, and the destination of the data after it leaves the company. Neither of these differences is visible to the company’s technology—it can’t read the employee’s mind to learn the motivation, and it can’t tell where the data will go once it has been extracted from the company’s system. Technical measures that prevent one access scenario will unavoidably prevent the other one.

Insider attacks are a big problem. You might have read about a recent insider attack against the NSA by Edward Snowden. Similar but less spectacular attacks happen all the time, and Lavabit, or any well-run service that holds user data, has good reason to try to control them.

Now, go back to the judge’s order or Kerr’s analysis, and revisit it with what Felten pointed out, and you realize how far off-base both the judge and Kerr are in their analyses. Lavabit didn’t design its system the way it did because it was “anti-government,” but rather because it wanted to create secure email that protects against a variety of different kinds of attacks, both insider and outsider. That’s why it found the government’s request so “abusive” and “oppressive.” Not because of an ideological disagreement, but rather because of the technological reality that handing over Lavabit’s private keys absolutely wrecks any real security of Lavabit’s system, which is Lavabit’s entire business.

So, while Kerr and the judge in the case seem to think it’s a mere ideological issue, that’s simply not true. It’s a technological issue, on which Lavabit’s entire business was based. If Kerr and the judge are correct, then, as Felten properly notes, it becomes effectively illegal to build a really secure communications system. That seems positively ridiculous, especially in a time when we’re told (by the very government agency that wants to do all this spying) that we need better online security to protect against attacks.

Companies: lavabit


Comments on “Lavabit Case Shows Why We Need Tech Literate Judges”

80 Comments
TheResidentSkeptic says:

Still not the right arguments or points

I have no problem with the government getting a narrowly targeted subpoena and having any IT business hand over specific decrypted information. That is the power of a subpoena rightly used. However, demanding the master key to decrypt ALL the emails of ALL the users is a massive overreach. Going in and placing a tap on a single line to listen to the calls for an investigation is a long established legal precedent. Going in and recording ALL the calls is where we have problems. And we must fight every one of these overreaching attempts or we will indeed lose the rest of what America used to stand for.

Ninja (profile) says:

Re: Still not the right arguments or points

That. While it could be questionable that Snowden was targeted, if the subpoena was narrowly directed at him it would make much more sense. Asking for the master key would be akin to getting an order for free access to an entire neighborhood while targeting some, say, drug dealer that lives there. You are not supposed to have access to every house in the neighborhood if you are looking for a specific guy. If there’s reasonable suspicion that said dealer may be hiding stuff in other houses in the vicinity then you get a specific warrant for those specific houses. So if you transfer the analogy to Lavabit they could ask for further details on a few other accounts, not the master key.

Nick (profile) says:

Re: Still not the right arguments or points

Exactly. The “glass doors on all hotels” metaphor isn’t quite correct. It’s more like the local police demanding a hotel install hidden cameras in every single hotel room, always recording, with the feed piped directly to police HQ. Rather than police ask a hotel to help them set up a single temporary camera for a single user/room, they are simply bypassing the locked doors and solid walls designed for users’ privacy.

In this case, they are demanding not that Lavabit occasionally turn over suspects’ email data when asked, they are asking for a permanent back door to look into anyone’s comms without anyone knowing, even the hosting company. That is wrong on every level (spying on everyone regardless of suspicion, lack of informing a third party such as the hosting company, no process).

PaulT (profile) says:

Re: Re:

I think you have this wrong on 2 points, unless I’m very much mistaken.

First off, self certification is available for anyone who wants it for SSL, you can self cert your own certificate any time you want. You only have to pay an external provider if you want it to be from a trusted provider rather than trying to form your own. In other words, if you’re using the certificate on a public website and you want to appear to be trusted you have to pay, else you can generate your own with an internal certificate if it’s just for internet users. SSL doesn’t have to cost anything, depending on the use case.

Secondly, I don’t think that’s how they were working in the first place – certainly not through SSL, perhaps think more like PGP. As I understand it, each user had a private and public key generated to protect the content. Lavabit stored the content but did not have the private key stored. Each individual would have a separate key, but Lavabit wouldn’t know what it was. When a user tried to access the mail, then and only then would the key become available to Lavabit’s software to decrypt the mail in order for the user to access it. What Lavabit were being asked to do was monitor the connection and capture the key when it was used to decrypt the mail, and then provide that for use when authorities demanded it. While technically possible, this would be a huge breach of trust and any security company depends on trust in order for people to use them, hence the complaint.

Forgive me if anyone else is seeing this as wrong and I’ll welcome corrections, but the bottom line is I doubt they required an individual GoDaddy or Verisign certificate for every user.

Chronno S. Trigger (profile) says:

Re: Re: Re:

Yes, you are wrong.

One, while you can create a self signed SSL key, in a company with customers, this is not something you want to do. Giant error messages constantly pop up warning you that the certificate is self signed and cannot be trusted.

Two, that is how they were working. If you go back through the Techdirt history, you’ll see the article about Lavabit giving the SSL key in tiny, unreadable 4 point font. The big argument about why being forced to give out the key was a bad thing is that it would give the government complete access to all accounts on Lavabit.

This wasn’t the situation described where a subpoena comes in and someone at the company decrypts the data and only that data. This was the government trying to get the ability to decrypt all the data going in and out of the system whenever it wanted without anyone at Lavabit knowing.

PaulT (profile) says:

Re: Re: Re: Re:

Hmmm, perhaps I am getting mixed up then. I listened to a lot of info about the way they, Silent Circle and others were working, perhaps I’m wrong.

But surely if they had to use a costly external provider as per rw’s point, then it would be irrelevant what Lavabit did, as the authorities could just go after the provider to get the keys?

James Burkhardt (profile) says:

Re: Re: Re:

If they were using PGP or any other third-party end to end encryption, getting the SSL certificate wouldn’t matter, because the content would still be encrypted.

What they wanted initially was known as a ‘pen register’, and amounted to giving the NSA access to monitor who a person was contacting/possible content monitoring. However, because that data stream being monitored is encrypted, the pen register told them nothing.

What they then attempted was to get the SSL certificate, which we have been told would have erased the security of the system and given the NSA full access to everyone’s data. Given that a proper PGP system wouldn’t be affected by the compromise of the SSL certificate, given that the PGP public private key system is independent of SSL, it seems likely that the data was encrypted using SSL.

This has the advantage, as I pointed out elsewhere, that the user gets protection against man in the middle intercepts of his data but can still email non PGP users or PGP users with whom they had not yet shared public keys. You still want to be careful emailing said unprotected users, but the security of the communications ‘in-transit’ is significantly improved.

And it is clear from what we have been told that there was only one SSL certificate.

FamilyManFirst says:

Re: Re: Re: Re:

what they wanted initially was known as a ‘pen register’, and amounted to giving the NSA access to monitor who a person was contacting/possible content monitoring. However, because that data stream being monitored is encrypted, the pen register told them nothing.

That’s not what I recall. As I recall, Lavabit refused to comply with the pen register order. That’s when the NSA went to court to force Lavabit to comply. Things escalated from there.

Clearly, Lavabit didn’t implement a “proper” PGP system, with encryption/decryption happening at the client only, or handing over the SSL key wouldn’t have granted access to users’ emails (which seems to be what’s being argued). I’m not sure how Lavabit did provide its secure email services, though.

That One Guy (profile) says:

That's a feature, not a bug

If Kerr and the judge are correct, then, as Felten properly notes, it becomes effectively illegal to build a really secure communications system.

Given that seems to be exactly what the NSA is aiming for, making every service vulnerable, just to make their jobs easier, I can certainly see why a judge would go with that argument.

Also, something that struck me, ‘anti-government business model’… things are screwed up indeed when providing secure, private services are seen as ‘anti-government’, rather than simply common sense. By that same logic banks rely on ‘anti-government business models’, as they also try and keep customer data secure, and would likely object to being ordered to hand over all their customers’ data/accounts, and for the same reason: doing so would cause their customers to very quickly become ex-customers.

Pragmatic says:

Re: Re: That's a feature, not a bug

It’s pretty much there, having arrived on the back of petty partisanship by convincing us that there’s an “Us” and a “Them.”

Disagree with Us? You’re one of Them.

And so it goes. That is the mindset of those people we’ve devolved authority to and that is what we need to fight. Miss the point at your peril; we’ll be too busy fighting each other to concentrate on the real enemy.

Vote the bums out in the next election, and for the love of God vote third party.

horse with no name says:

pro piracy = anti government

Like it or not, any stand which involves opposing the law is pretty much always “anti-government”. Supporting illegal actions, or being a player in a process that breaks the law willingly and knowingly is pretty much anti-government / anti-establishment.

Kerr’s argument is correct in that Lavabit’s stand appears to be that their customer agreement should somehow trump the law, that a summons issued by the courts should somehow be able to be ignored because it would cause them issues with their clients. The excuse that handing over the keys hurts their business does not grant them any pardon from the case or excuse them from their legal liability in the issues at hand.

If their business strategy is built on obscuring things from all legal action at all times, they are very specifically anti-government, anti-law and order, and attempting to put their own actions and those of their customers somehow ahead of the legal rights of others. That doesn’t seem right or fair, no matter what technological veil you try to throw over it.

horse with no name says:

Re: Re: pro piracy = anti government

“Doors, locks and walls obscure things from legal actions all the time.”

Yes, and the police can show up at your LOCKED door with a valid search warrant for the premises and be able to get past the locked door – and in general be able to open any other locked doors inside of that premises within the scope of the warrant.

Lavabit is trying to say “you can’t come in the building, because what we are doing is none of your business”, yet the warrant (issued by a court) says otherwise. You cannot block the law just by putting a lock on something and saying “this lock is stronger than your warrant”.

It doesn’t make things inside illegal, but a valid warrant is still a valid warrant, and digital locks should be no different in front of the law compared to a lock on a file cabinet or a strong box.

That One Guy (profile) says:

Re: Re: Re: pro piracy = anti government

Actually, to make the ‘police at the door’ analogy accurate to what was happening here, it’s more like a large apartment building, with a whole lot of tenants, and the police are demanding a key that unlocks every apartment in the building, not just the one owned by the suspect.

Not only that, but they then try and tell the building owner, the one that they are asking for the key from, that he’s not allowed to mention it to those renting apartments, whether they are the ones being investigated or not.

And finally, they demand the ability to set up surveillance on all tenants, though they ‘promise’ that it’s automated, and that despite the fact that they are demanding the ability to enter any apartment, and watch every tenant, that their efforts will only catch actions performed by their suspect, and nothing else.

MrWilson says:

Re: legality != morality

Laws are man-made and can be very, deeply flawed. The moral choice is not always the legal choice. Ask the American insurrectionists who fought against the British crown. Ask the Germans who snuck Jews out of Germany instead of complying with the laws that the Nazis created. Ask Edward Snowden. Ask Mark Felt. Ask all the civil rights protesters in the 60’s.

Bergman (profile) says:

Re: pro piracy = anti government

The law says that to be valid, a warrant must be specific and accurate. A good example would be a warrant to search a specific person’s email account at a specific provider. A single transposed number in the address can render such a warrant invalid.

A warrant that seizes all the email accounts of an email provider business despite the fact that none of them are related to your investigation is not specific and therefore illegal.

Our nation is a constitutional republic, there are things the government CANNOT do because they are illegal. Expecting the government to obey the law isn’t anti-government, it’s pro-government.

Dave says:

Re: pro piracy = anti government

This is total cobblers (to use a well-worn UK expression). I have yet to read a more tangential twisting of facts in a news story. Sounds like OOTB in disguise, stirring things up as usual with an obtuse reference to copyright thrown in to muddy the waters. To desire privacy and security is NOT anti-government, although just recently the terms do seem to be synonymous. It’s a well-known fact by now that the NSA has made the world LESS safe by their surveillance antics. The sooner they are out of business, the better, in my opinion.

Anonymous Coward says:

Re: Re: pro piracy = anti government

This is total cobblers… … To desire privacy and security is NOT anti-government

No one disputes that you may deservedly enjoy some privacy from the peeping-toms lurking amongst your neighbors.

But relations between the individual and the state rest on a different plane, inhabit a more lofty sphere.

Those who wish to hide from the state are the very ones who plot against the state. The desire for concealment from the state is but the first step down the criminal’s road to the hangman’s noose.

When the state demands, you must yield. What the state demands, you must surrender. Anything less constitutes base treason.

That One Guy (profile) says:

Re: Re: Re: pro piracy = anti government

… wow, that is just a perfect textbook example of authoritarian thinking, the idea that the state is always right, only enemies of the state would object to being watched, and that not automatically agreeing to do what you’re told constitutes treason.

You may not be aware, but the government/those in power can be wrong at times. Crazy, I know. But what that means is if they are wrong, the right thing to do is challenge them on it, so the problem can be fixed. Just rolling over and letting them do as they please merely passes the problem on to someone else, all the while letting the problem fester and continue.

Anonymous Coward says:

Re: Re: Re:2 pro piracy = anti government

… just a perfect textbook example of authoritarian thinking…

Transcript of Hearing Before the Honorable Claude M. Hilton, United States District Judge, August 1, 2013, 10:00 am

THE COURT: … I think the government is — government’s clearly entitled to the information that they’re seeking…

Clearly entitled.

That One Guy (profile) says:

Re: Re: Re:3 pro piracy = anti government

Said by a judge that had no idea what his order would actually do, given he was ordering them to hand over the key to over 4,000 accounts, not just the one they were saying they wanted access to.

Not only that, but like all companies, Lavabit depends on their customers trusting them, and having every account compromised, just to allegedly look over one of them, would absolutely destroy that trust, putting them clean out of business in short order.

The non-digital version of an order like that would be if the feds wanted a warrant to search for a suspect in a certain town, but rather than get one that was specific, covering one house, they tried to get a warrant that would allow them to search the entire city, entering any house they pleased, listening in to any phone call they received or sent, and examining the contents of any mail that was sent or received.

A judge would have to be completely insane to grant a warrant of that scope, and you can bet it would be challenged the second it was learned about, as it wouldn’t even remotely comply with the 4th amendment, which requires very specific terms and scope for a warrant. Because the judge didn’t understand just what he was ordering Lavabit to do however, that’s pretty much exactly what he ordered.

Anonymous Coward says:

Re: Re: Re:4 pro piracy = anti government

Said by a judge that had no idea what his order would actually do…

Judge Hilton had no idea that his job was to finely calibrate the balance between individuals and the state? He had no idea? No idea?

“If only Judge Hilton knew…”

…

“If Only Stalin Knew: Vain Hopes In The Terror”, Special to the New York Times, published March 14, 1987

Following is an excerpt from a section of “Children of the Arbat” that the author, Anatoly Rybakov, selected for publication in the magazine Ogonyok. The scene is the Arbat, the intelligentsia’s quarter in central Moscow that is now largely demolished. The year is 1934, the beginning of Stalin’s terror, when even relatives of the victims could still believe that the unexplained disappearance of their loved ones was some kind of mistake that would soon be set right, if only they could get word to Stalin.

“Some kind of mistake that would soon be set right, if only they could get word to Stalin.”

…

Claude M. Hilton (born 1940) is a United States federal judge.… On May 15, 1985, Hilton was nominated by President Ronald Reagan to a new seat on the United States District Court for the Eastern District of Virginia… In May 2000, Chief Justice William Rehnquist appointed Hilton to serve as a judge on the Foreign Intelligence Surveillance Court.

That One Guy (profile) says:

Re: Re: Re:5 pro piracy = anti government

Judge Hilton had no idea that his job was to finely calibrate the balance between individuals and the state? He had no idea? No idea?

There’s knowing what your job is, and actually performing it, something he didn’t exactly seem to be doing here. But perhaps you can explain it, how exactly is the ‘balance between individuals and the state’ preserved by ordering a company to hand over the key to all of their customers’ accounts, when the ‘target’ stated was supposedly just one of them?

That would be like if one of the alphabet agencies wanted to check the finances of a suspect in a case, but rather than order the bank to hand over the info to one account, the suspect’s, they wanted access to all of the accounts, and in such a manner that they would be without any real oversight over their actions once they had said access.

I notice you list the fact that he’s been nominated for different positions by a president and chief justice*, but while that suggests that he knows the law decently well, it means nothing if he wasn’t aware of the technical aspects of what he was ordering here.

Look, I’m not saying he doesn’t know the law, but if he didn’t properly understand the technical side of what he was ordering, the fact remains that while he likely thought the warrant/order he was issuing was limited in scope and would only be used to target one person/account, due to how the order was worded, and the technical aspects involved, it would have been anything but limited, allowing access to literally thousands of accounts, with nothing more than a flimsy ‘promise’ to protect the data and accounts of the innocent people who’d had their accounts compromised.

No idea why you pulled out a Stalin reference, as Godwin-ing a thread requires a Hitler/Nazi reference, I don’t think Stalin quite counts, and I can’t think of any other reason you’d mention him.

*Though given the second appointment was to the FISA court, which doesn’t exactly have a sterling reputation these days(to put it mildly), and especially doesn’t have a reputation of denying any requests from intelligence agencies, not sure that particular one is something to be proud of.

out_of_the_blue says:

Privacy IS a really weak argument. But our public servants have NO say over it.

Because they’re our servants who exist and act legitimately only by our consent, NOT our rulers. If people will just get the relations right, it’s easy.

BUT what we get here is a technocrat weenie holding that it’s “a technological issue”. — NO, IT’S NOT, MIKE. It’s an inalienable human right, which can be violated (perhaps necessarily) but never actually taken away. Your “technical” weenie-ing only helps gov’t steal our rights by not standing on fundamental principles.


Spying is the main ‘business model’ of the internet, especially for Google and Facebook.
03:57:08[d-250-8]

out_of_the_blue says:

Re: Privacy IS a really weak argument. But our public servants have NO say over it.

I’ve read the piece and my comment over. Stands fine. But do see that I didn’t explicitly point up that yet again Mike is first concerned with a corporation, and doesn’t explicitly state ANY concern for “users” or “natural” persons. Italics and boldface for a business, but NO apparent concern for We The People.

MrWilson says:

Re: Re: Read It Again

So you glossed over the fact that, in this scenario, Lavabit’s stance is the same as its customers. Lavabit shut down for the purpose of serving its customers’ interest. Is there some other side that their customers would possibly be on in this fight? The fact that you keep trying to find a way to argue that Mike has a bias just shows your own bias. Not all stories are going to fit into your anti-Mike narrative. Get over it.

Anonymous Coward says:

Counter Point

Like it or not, no legitimate government is a suicide pact.

Snowden worked for NSA and had access at a very high level to very secret information including WMD type data.

Conclusions:
1. Snowden should have better sense than use a secure e-mail server. In his case if it could not be said in the open then he should have used some other means other than e-mail.

2. No one can stand up to government when you stand between government and government’s control of WMD.

3. It is the belief of all government officials that their power knows no national boundary. Example, all USSR officials believed that the whole world was subject to soviet law. The same could be said for 18th century UK officials.

Ockham's Stubble (profile) says:

"Business" is the wrong word...

With respect Mike, I’m not sure your argument is much stronger because you’re still using the term “business”. If we (accurately!) described Lavabit’s encryption as an “activity” (to distinguish this from the revenue or other business-related aspects of their various “activities”) then I think we get much closer to the heart of the matter.

“…handing over Lavabit’s private keys absolutely wrecks any real security of Lavabit’s system, which is Lavabit’s entire *activity*.” And, such *activity* is expressly not to be infringed upon casually by the government. (To my mind this makes a more direct connection to 4th Amendment principles…)

It might be a small point, but I think it’s necessary to clearly distinguish this case from other cases where government regulation/activity is seen (by you) as “felony interference in a business model”. We don’t want to foster any chance that these cases can be confused, do we? (Or do we… if that argument is succeeding with judges in those other cases? /s)

boomslang says:

Why not just store each customer’s emails with a separate key only known to the customer? With the SSL key, the gov’t can decrypt the network packets, but if the content of the packets is encrypted using the customer’s “secret email key” prior to being sent over the wire, then the content is protected from anyone who has Lavabit’s private SSL key, be it gov’t, malicious party, or even Lavabit itself.

James Burkhardt (profile) says:

Re: Re:

What you describe already exists. But it requires both sides to know each other and share public keys and have the software to work with it and because these keys are large data strings, you would have to store the key with the software, or likely in this case the lavabit servers, which likely undoes the security you are going for. Lavabit, by using SSL, encrypts all email sent out no matter the recipient and his setup or privacy concern, and only can be intercepted at the end point, but is still readable by the recipient. Secure communications without the enduser’s normal problems setting up secure communications.
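The two designs this part of the thread contrasts (server-side decryption, as PaulT and FamilyManFirst describe it, and boomslang's encrypt-before-sending proposal), modelled as an added example that is not from the article, the commenters or Lavabit. All names are hypothetical, the single `transport_key` stands in for the session keys a holder of the service's SSL private key can obtain, and the HMAC-based cipher is a standard-library stand-in for a real AEAD.

```python
"""Two mail-service designs observed by a party holding the transport key.

Constructed model with hypothetical names; not Lavabit's code or protocol.
The cipher is a standard-library stand-in (HMAC-SHA256 keystream,
encrypt-then-MAC) for a real AEAD such as AES-GCM.
"""
import hashlib
import hmac
import secrets


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Expand (key, nonce) into `length` pseudo-random bytes."""
    out, counter = b"", 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(key, b"stream" + block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt and authenticate: returns nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    stream = _keystream(key, nonce, len(plaintext))
    body = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(key, b"tag" + nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag, then decrypt. Raises ValueError on a wrong key."""
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"tag" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: wrong key or altered data")
    stream = _keystream(key, nonce, len(body))
    return bytes(c ^ s for c, s in zip(body, stream))


def user_key(passphrase: str, salt: bytes) -> bytes:
    """Per-user storage key derived from a secret only the user knows."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 50_000)


def server_side_session(transport_key, passphrase, salt, stored_mail):
    """Design A: the passphrase travels through the tunnel and the server
    decrypts. Returns the records a tap on the wire would capture."""
    login = seal(transport_key, passphrase.encode())
    # Server side: recover the passphrase, derive the key, decrypt the mail.
    key = user_key(unseal(transport_key, login).decode(), salt)
    reply = seal(transport_key, unseal(key, stored_mail))
    return [login, reply]


def client_side_session(transport_key, stored_mail):
    """Design B: the server relays stored ciphertext and never sees the
    passphrase; decryption happens on the user's machine."""
    request = seal(transport_key, b"FETCH inbox")
    reply = seal(transport_key, stored_mail)
    return [request, reply]


def tap(transport_key, wire):
    """What a holder of the transport key reads out of captured records."""
    return [unseal(transport_key, record) for record in wire]


def demo() -> dict:
    transport_key = secrets.token_bytes(32)
    salt = secrets.token_bytes(16)
    passphrase = "constructed sample passphrase"   # constructed input
    mail = b"constructed sample message body"      # constructed input
    stored = seal(user_key(passphrase, salt), mail)  # at rest, both designs

    seen_a = tap(transport_key, server_side_session(
        transport_key, passphrase, salt, stored))
    seen_b = tap(transport_key, client_side_session(transport_key, stored))
    return {
        "server_side_exposes_passphrase": passphrase.encode() in seen_a,
        "server_side_exposes_mail": mail in seen_a,
        "client_side_exposes_mail": mail in seen_b,
        "client_side_exposes_only_ciphertext": seen_b[1] == stored,
        # The request itself (who fetched what) is visible in either design.
        "client_side_exposes_request": b"FETCH inbox" in seen_b,
    }


if __name__ == "__main__":
    for finding, value in demo().items():
        print(f"{finding}: {value}")
```
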

Anonymous Coward (user link) says:

Re: Re: Authenticating total strangers

As strange as it sounds, we can design a system to help total strangers to authenticate each other. The digital form of a blind date. However, instead of a mutual friend to do the introduction, we use a website of common interest.

Once authenticated, there is no stopping them from creating new channels. Not even the website can block that.

Check out: http://eccentric-authentication.org/

and the slides for my talk at BruCON: http://eccentric-authentication.org/blog/2013/09/28/talk-for-brucon.html

James Burkhardt (profile) says:

You are missing something

I think both the judge and the Techdirt authors are missing a key point to the whole process.

Mass data collection (which a subpoena for the SSL Certificate is) is justified by the Third Party Doctrine, namely that no data you give to a ‘third party’ has an expectation of privacy. However how can you have no expectation of privacy when the product that Lavabit sells is…privacy? Lavabit has a black box email, so it can’t look at your communications data. That sounds like a situation where my communications are designed to remain private, because Lavabit can’t even do any spam scanning or other ‘intercept’ of the communications data. If I used an encryption email, I would have an expectation of privacy with the encrypted data. So in what way can you justify a wiretap on every customer of Lavabit when privacy remains expected?

Brazenly Anonymous says:

Re: You are missing something

I suggest we amend the constitution to strictly control the third-party doctrine, as it has clearly abridged its intended scope (other issues touched upon include anonymity and secret warrants):

The right of the people to be secure in their contracts shall not be abridged and no agent of government may compel any entity or member of the people to break the terms of a legal contract made with any member of the people excepting with a warrant targeting each affected member of the people pursuant to the limitations of the fourth amendment. Any contract not mandating specific illegal actions shall be considered a legal contract for the purposes of the above.

Congress shall pass no law limiting the right of the people to establish contractual rules with regards to information that the member of the people signing onto the contract has provided to any other entity who is also a signatory to that contract.

The right of the people to bear witness pursuant entirely to their own discretion shall not be abridged and no contract can be enforced against a member of the people voluntarily bearing witness in a criminal matter. This right is denied any entity that is not either a member of the people or a duly recognized citizen of another nation-state.

The right of the people to operate anonymously shall not be abridged but with the issuance of a duly targeted warrant pursuant to the fourth amendment. In the case where anonymity prevents the determination of whether this right applies, this right shall be applied until there exists sufficient evidence to demonstrate that the targeted entity has not been afforded this right.

All warrants issued must be served to each duly targeted individual within six months of their issuance or the warrant and all evidence collected under it shall be rendered void. This term may be extended only on evidence that the target of the warrant has actively eluded the service of the warrant and only by the issuer of the warrant or a duly appointed successor of the issuer.

Anonymous Coward says:

Re: Re: You are missing something

When you have to suggest changing the Constitution to allow your legal defence to work you know you’re in trouble.

Lavabit was aware (or should have damn well been aware) that Courts can subpoena emails or ANY documents required by a court (for discovery), and therefore was fraudulent in offering a service that he was aware he could not provide, and accepting money for that service.

That’s a scam, not a business model.

That One Guy (profile) says:

Re: Re: Re: You are missing something

Perhaps you’d care to point out where they promised not only a secure service, but one immune to legal, reasonable court orders?

You’ve spammed the comments on this article, extensively, trying to make it look like Lavabit was engaged in fraud by promising a service immune to the law (which would be both fraudulent and illegal), whereas all they actually sold their service as was a secure, private service, never claiming that it was immune to the law.

Yes a court can compel a service provider to hand over certain data pertaining to a suspect or investigation, but that’s not what was being demanded here, in this case they were demanding that Lavabit hand over everything, access to all of their users’ accounts, which is well beyond reasonable or even sane, given the purported target was a single account.

Something that demanded ‘give us access to all of your users’ accounts’ is anything but.

DannyB (profile) says:

Really weak argument

> This strikes me as a really weak argument. Lavabit is essentially
> claiming that its anti-government business model trumps the
> subpoena power. That is, it is arguing that the
> subpoena is “oppressive” precisely because it would work:
> It would allow the government to conduct the surveillance
> it is allowed to conduct under the Pen Register statute.

This strikes me as a really weak argument. The accused is essentially
claiming that its anti-government business model trumps the
enhanced interrogation techniques power. That is, it is arguing that the
enhanced interrogation techniques are “oppressive” precisely because they work:
It would allow the government to coerce the information
it is allowed to coerce under the ***REDACTED*** statute.

Anonymous Coward says:

Maybe the legal arguments are weak but the ethical ones are not. How can any business or service that relies solely on privacy exist if the privacy is only able to be in use and in force as long as someone else, in this case the USA NSA, doesn’t want it? If that is going to be the case, what is to stop anyone asking for and being given the right to request information on a bank account, for example? It would be extremely unpopular, but it has to be available to all unless all privacy, secrecy and freedom is to be removed from everyone, everywhere!

Anonymous Coward says:

It’s rather disgusting to refer to Lavabit as having an “anti-government” business model. They had a business model that ensured security and privacy to users, and wouldn’t play ball with a request that compromised ALL users.

You do not (or should not…) have the ability to tap every Verizon user’s calls and texts because a lone Verizon user is a target of a legal case. Same deal here.

MrWilson says:

Re: Re:

That Kerr even used the term anti-government just shows his own bias, not Lavabit’s. The implication of the use of the term is that someone was intentionally trying to do something against the government, rather than just creating a business out of a secure tool. It’s the government that is making this an us vs. them, but Lavabit could be used against the Syrian or Iranian or Chinese governments as much as against the US government. Or could be used against terrorists. CIA agents could apparently have used it if it were so secure that the government has to fight to get the encryption key and the company actually shuts down rather than compromises its ethics or business model.

Anonymous Coward says:

Re: Re: Re:

> That Kerr even used the term anti-government just shows his own bias, not Lavabit’s.

Professor Kerr used to be Prosecutor Kerr.

Orin S. Kerr

Biographical Sketch

Professor Kerr is…

Before joining the faculty in 2001, Professor Kerr was a trial attorney in the Computer Crime and Intellectual Property Section at the U.S. Department of Justice, as well as a Special Assistant U.S. Attorney in the Eastern District of Virginia.…

Prosecutor Kerr, Special Assistant U.S. Attorney in the Eastern District of Virginia.

He knows about anti-government types.

Anonymous Coward says:

Re: Re: Re:2 Re:

Every technology is a tool that ‘perps’ can use to break the law.

A hammer is a great tool, it can hammer in nails, or break someone’s skull in.

A computer can be used for many things, including guiding a nuclear missile.

Any (and every) tool can be abused, or not, it’s not about the tool, it’s about the fool who abuses it.

Mike just because you use technology, does not exempt you from the laws.

Lavabit should have known that a court could order them to provide information therefore they were negligent and misleading to their clients, in offering them something they knew they could not deliver.

Clearly, therefore it was never a viable business model in the first place. Because if the owner of Lavabit KNEW ANYTHING ABOUT THE LAW !!!! he would know that he simply cannot assure secure email.

That’s why he closed his doors, because he sold his services under false pretences. If your clients are paying through the nose for ‘privacy’ and he accepted that money knowing he actually could not assure that privacy, his business model is dead..

Are you Mr Masnick in the business of offering your customers something you know you cannot deliver ? Well, he is..

MrWilson says:

Re: Re: Re:3 Re:

Um, does “MrWilson” look so close to “Mike Masnick” that you’re confused about who is making the comment? I’m pretty sure that makes you the eponymous moron in a hurry…

But as far as your comment is concerned: You provide your own counter argument. Tools are indeed agnostic and the person who abuses them for illegal purposes should fear that the government will come after them. People who don’t abuse tools, however, have a reasonable expectation of privacy. The fact that the government asked for access to the entire dataset of customer communication meant that the government was going after everyone, not just Edward Snowden.

Yes, any business owner should practically know that the government will overstep its authority and willfully violate the Constitution, but that doesn’t mean a business owner should have to compromise their business for the sake of illegal and unethical orders from the government.

Anonymous Coward says:

Re: Re: Re:4 Re:

But everyone knows, courts are able to subpoena Emails as part of their discovery, Lavabit sold their services with the claim of “complete privacy” something they were AWARE they could not provide. (because Courts can demand emails).

That is a crime in itself, offering a service you know you cannot actually provide and receiving money for that service.

When you advertise and sell a product that you know you can not deliver, but you keep the money anyway that is fraud!!

MrWilson says:

Re: Re: Re:5 Re:

Please provide examples of Lavabit advertising that its service was completely secure.

And then explain how that advertising preempts the Terms of Use Agreement which included this paragraph (emphasis mine):

“Through its network of servers and software, Lavabit provides a variety of Internet-based services. These services include, but are not limited too, e-mail service. Your use of these services signifies that you agree that all Lavabit services are provided AS IS and AS AVAILABLE and that Lavabit makes efforts to maintain its services but ultimately claims no legal liability for the availability, timeliness, security or reliability of its services. This waiver of liability covers accounts provided for free and accounts provided in exchange for money, unless a separate written service agreement is signed between the parties.”

http://web.archive.org/web/20130530075339/http://lavabit.com/terms_of_use.html

Anonymous Coward says:

Re: Re: Re:2 Re:

… moral uses.

Professor Kerr denies that individuals have any right to converse amongst themselves free from the prying ears of the authorities.

Further, the good professor goes on to suggest that anyone who espouses such a right is necessarily disloyal to the state.

…

That is a prosecutor’s mindset.

Anonymous Coward says:

Government is anti-privacy

> Lawyer Scott Greenfield does a good job explaining why Kerr has mischaracterized Lavabit’s defense — first noting that being pro-privacy is hardly being “anti-government” as Kerr implies.

Kerr is right. Greenfield is wrong.

The government is against privacy. People for privacy are anti-government.

…

They are. It’s just a fact.

Anonymous Coward says:

Do you trust the FBI?

The judge clearly believes what he’s been told.

Judge believes:
That the FBI wants to put a box on his network, that the box needs the SSL key and they will only take the limited evidence the judge specified and throw away the rest.

I believe:
The FBI hands the key to the NSA to do the surveillance (see ‘FISA warrant leak’). The NSA doesn’t need the box, it has a backbone tap already into Lavabit (secret room leak). It already stored any encrypted data into Lavabit waiting for the key (leak stating encrypting data is a reason to store US data). These things have been covered by leaks already. The NSA uses these keys for attacks (Bullrun) for data mining (e.g. Shadow Social Graph), it keeps US data regardless (‘Obama’s lockbox’), hands them to foreign governments (e.g. ‘Israel pinky swear leak’). All of which violates the judge’s limited warrant. It can even go back in time and decrypt historic data for everyone other than Snowden.

But then again, as long as it’s secret, the Judge doesn’t know.

And Lavabit can’t control how its keys are used, so it can’t enforce any limits the Judge demands.

And the FBI told him the truth as far as the FBI knows it, plausible deniability means they only see the legit data. They never saw the data Snowden saw for example.

So it isn’t a technical judge that’s needed, it’s one that’s read the Snowden leaks unredacted so he’s aware of the truth and can make judgements based on that truth.

Anonymous Coward says:

Mike "m" my drug dealer friend

He had the same problem as Lavabit, the police searched his house and found his stash of drugs, they confiscated them !!!.

Mike argued in court that he needs those drugs, as his clients have an expectation of delivery, he argued his entire business model revolved around being able to supply his product to his clients.

Do you think you can work out what the Courts decided ???

Anonymous Coward says:

Re: Re: Mike "m" my drug dealer friend

Yours is not a lot better.

In fact it would be like running a hotel and renting out rooms saying, if you rent a room you are safe from the police if they have a warrant to search you or the room, but you have to pay MORE for our rooms.

Then when the police turn up to search one of your rooms (and clients) you tell them “my business model is such that they pay me to NOT be searched”!

Then when you go to court, you tell the judge “my business model is based on telling my clients they will not be searched”!!

Judge says “But you were aware that if the police turned up with a warrant you are legally obliged to comply with the warrant, therefore you selling your product is an act of fraud because you are selling something knowing you were not actually able to deliver to your clients what they paid for, and what you said you could deliver.”

That is fraud, plain and simple

John Fenderson (profile) says:

Re: Re: Re: Mike "m" my drug dealer friend

> In fact it would be like running a hotel and renting out rooms saying, if you rent a room you are safe from the police if they have a warrant to search you or the room, but you have to pay MORE for our rooms

Ummm, no. Just no.

Lavabit never claimed that using their service would shield you from valid search warrants. In fact, they’d cooperated with them in the past.

Chronno S. Trigger (profile) says:

Re: Mike "m" my drug dealer friend

So you’re saying that encryption is illegal, because that’s what it looks like you’re saying.

Your drug dealing friend was arrested for dealing drugs (illegal drugs, I would assume) and argued that the drugs were required for doing business. Lavabit is saying that encrypting traffic is required for doing business. So following the simile, you think encryption is illegal.

Anonymous Coward says:

Re: Re: Mike "m" my drug dealer friend

I guess you don’t understand, but when I said IT’S NOT THE TECHNOLOGY it’s how it is USED.

Everyone KNOWS FOR A FACT that Courts can order Emails sent and received for their investigations, Look at the SCO case, or Microsoft, or Enron, or Bernie Madoff the courts order their emails.

So it’s WELL KNOWN that Courts HAVE THE RIGHT to demand documents and information as discovery with a subpoena.

The owner of Lavabit (if not a total moron) knows this fact too, but knowing that then offering clients “protection” that he was aware he could not legally provide means he “CONNED” his clients.

Again, encryption is not illegal, neither is a hammer, and used correctly they are both powerful tools.
But technology can be abused just like anything else.

It’s the attitude here, that because “technology” is involved it somehow makes it ‘OK’.

Lavabit was trying to provide a service and charging money for that service that legally they were not able to deliver.
And that’s why Lavabit is no longer a viable business model.

You might not like it, but it’s the way it has ALWAYS been, it’s nothing new, Courts have been able to subpoena documents and information.

IT’S NOT THE TECHNOLOGY, it’s HOW IT IS USED.
In this case it’s not even the technology, Lavabit offered services they were not legally able to offer.

They were paid for that service. But could not provide it (because they HAVE to comply with Subpoena for discovery).

Not an Electronic Rodent (profile) says:

Close

> It’s a technological issue, on which Lavabit’s entire business was based.

That’s not quite accurate. It doesn’t just affect Lavabit, it affects potentially any business or individual that uses hosted services, so that should read:

“It’s a technological issue on which a large number of entire businesses and an increasingly ubiquitous aspect of life for private citizens are based.”

There FTFY

plasmacutter says:

As anyone who has researched the subject of IT/internet cryptography knows, a ruling against Lavabit here will accomplish EXACTLY what the NSA was lobbying for in the early 90’s: A ban against secure cryptography online.

This will have a DEVASTATING effect on Silicon Valley cloud firms, including my own employer.

Every stakeholder, from Google, to large banks, should be throwing BILLIONS at this guy’s defense fund, or risk being forced offshore under threat of irrelevancy as this order is used to kill off online encryption on US shores.

Anonymous Coward says:

I just got a new car, the dealer told me it’s so technical it can do 200mph.

But when I was driving it home at 200mph the police pulled me over and fined me !!!

I told the police officer “it’s technologically possible for this car to do 200mph, therefore it’s LEGAL for me to go at that speed”.

The policeman said, yes, your car is technically advanced enough to go 200mph, but the speed limit here is 55mph that’s the LAW.
Just because your car is ‘technology’ does not make it exempt from the laws as they exist.

Everyone knows Courts (in the process of discovery) can subpoena documents from a business. So basing your business on a claim that they cannot and getting paid for that is fraudulent.

Technology is not an amnesty from the law.

Anonymous Coward says:

The Lavabit Hotel

You own a hotel, you advertise that you can rent rooms in your hotel to ANYONE, AND FOR ANY PURPOSE AND YOU WILL NOT BE SEARCHED…. EVER !!!! yes, the rents are much higher in your hotel.
You advertise you can do whatever you like in your room, as you will not be searched, BUT I DONT WANT TO KNOW WHAT YOU ARE DOING IN YOUR ROOMS.. I just want your high room rent MONEY.

So people come, and knowing they are ‘free from searches’ set up their meth labs and start cooking.

Might be a meth lab, might be a business exec on a layover.
But because the owner says that residents are exempt from police searches (regardless of their activities) the owner of the hotel is just as liable for the meth lab as the people in the room.

Because the hotel owner says you won’t be searched does not make any activities in the rooms ‘legal’, in fact it’s an offence for the hotel owner to rent the rooms on the premise that you will not be subject to a search.

That is not saying that everyone who stays at that hotel will be doing something illegal, it’s not that it’s simply illegal to rent the rooms under that premise in the first place.

If you know full well that the police have the right to enter rooms and search them, but with that knowledge rent those rooms (for extra money) with that assurance, that is fraudulent.

This SSL key is the same as the police raiding and searching 1 room (because of illegal activity) and then knowing the hotel owner rents rooms with an assurance of not being searched, asked the hotel owner to provide them the names and room number of the other residents in the hotel.

Not a demand they search each room, or a statement that because 1 room was doing something illegal that all rooms are. But they are asking for the details of the other residents. But that could be simply to inform them that they are victims of FRAUD by the hotel owner is renting you a room, and telling you it cannot be searched.

It is also the hotel owner committing a crime as much as the meth lab room, because the hotel owner is profiting off the fact he is renting rooms with an assurance of impunity. In itself a fraudulent act.

The court has every right to demand the Hotel (lavabit) hand over all documentation that supports the claim they are renting rooms with an implied impunity from the law and legal searches, a separate case to that of Snowden.

That is why Lavabit is in Court and under investigation, because he was conducting a fraudulent business, providing services he was aware he could not actually deliver on.
That being impunity from legal searches, he made his money on that premise. That premise is fraudulent.

Just as you can’t rent a hotel room and charge extra and guarantee no police searches WHATEVER YOU DO!!! Because it’s a lie.

You also cannot really use that lie as a defence for your actions.
Nor is it going to work that saying “I sold this service I could not provide, therefore I should be able to provide it” is a stupid argument.

I don’t see why it’s so complicated for you people, again it has nothing to do with technology, it has to do with a fraudulent business model, because it’s ‘a model’ or a ‘business’ does not make its activities legal, nor does the technology.

If you offer a service that you cannot legally provide, and accept money for that service (enter a contract) you are committing fraud.

Lavabit offered a service of privacy, with the knowledge that with a court order he could not assure that privacy, he was paid for something he could not deliver. He has committed an act of fraud with every one of his 400k plus clients, he sold them a product that he could not legally make good on.

The court has every right to demand discovery in the investigation of this fraudulent activity, Lavabit has no choice but to cease its fraudulent activity. Both happened.

Not an Electronic Rodent (profile) says:

Re: The Lavabit Hotel

Except your analogy is fundamentally flawed. In the hotel situation you describe, what would actually happen is this:
The police have reason to believe a guest is doing something criminal in one of the rooms, so they get a subpoena and search the entire hotel and every room in it without telling any of the other occupants that their rooms had been searched.

relghuar says:

RTFM

Ed Felten’s argument about 2 companies just shows how uneducated he is in the IT company business. Otherwise he would know that every such company has an easy to use button that can with absolute certainty tell if the user data are being exported for the good purpose (government use only) or any other nefarious reasons.
For all of you uneducated ignorants, that button is located just to the right from the another well-known button designed to reliably detect any and all online copyright infringement.
Duh.

plasmacutter says:

This is no longer a personal liberty issue.

Since the Lavabit fiasco, I’ve personally witnessed many potential clients for my department turn away after they noted our datacenters were in the US.

If Lavabit loses, the cloud industry in the US will be doomed to mediocrity at best, while the cream of the client crop go where “secret orders” to fundamentally cripple security are not tolerated.

If Lavabit wins, it may be a turning point in the war our government is waging on our privacy and our online rights.
