http://www.courthousenews.com/2014/04/18/67180.htm
Friday, April 18, 2014Last Update: 12:25 PM PT
Snowden Email Provider Remains in Contempt
By JACK BOUBOUSHIAN
(CN) - The former email provider of National Security Agency leaker Edward
Snowden should be held in contempt for trying to keep its metadata out of the
government's hands, the 4th Circuit ruled.
Snowden publicized his Lavabit email address, edsnow...@lavabit.com, while
holed up at Moscow's Sheremetyevo International Airport over the summer before
Russia gave him temporary asylum.
The former NSA contractor had gone into hiding after leaking documents
about the government's secret surveillance of Americans' phone records.
When Snowden used the Lavabit email address to inform human rights
activists that he would hold an airport press conference, federal agents served
Lavabit with a pen/trap register order requiring it to provide metadata
association with Snowden's email account.
Since Lavabit's system was not designed to retain that information,
however, the company was then served with the warrant to turn over its master
encryption Secure Sockets Layer (SSL) key.
Surrendering the SSL key would open the full email communications of
approximately 400,000 Lavabit users to government scrutiny, an investigation
method that the Electronic Frontier Foundation (EFF) likened with "trying to
hit a nail with a wrecking ball."
Lavabit ultimately complied with the subpoena, but it did not surrender
the key by the stipulated deadline, and employed stalling methods such as
providing the government with the keys in 4-point font.
U.S. District Judge Claude Hilton in Alexandria, Va., then held the
company in contempt and fined it $5,000 per day until it complied - in a
standard legible format.
The website abruptly shut down a short time later, its owner stating that
he would not "become complicit in crimes against the American people."
The EFF described the case as "an unprecedented use of the subpoena power."
It could undermine "the security of any website that relies on public key
encryption - from Facebook to Google to Bank of America to Amazon - all with a
single subpoena," the group's amicus brief to the 4th Circuit said.
"The breach of a private key should be considered a catastrophic security
event," the EFF added.
The American Civil Liberties Union also filed an amicus brief.
But the Richmond, Va.-based federal appeals court upheld the warrant
Wednesday, finding that Lavabit waived its appellate arguments by failing to
raise them in the District Court.
"Interpreting the Pen/Trap Statute's third-party-assistance provision
would require us to consider technological questions of fact," for the first
time, Judge Steven Agee wrote for the three-judge panel.
Furthermore, "Lavabit failed to make its most essential argument anywhere
in its briefs or at oral argument: it never contended that the district court
fundamentally or even plainly erred in relying on the Pen/Trap Statute to
compel Lavabit to produce its keys," the 41-page opinion states (emphasis in
original). "Yet Lavabit bears the burden of showing, 'at a minimum,' plain
error."
Lavabit urged the court to take the case as a matter of "immense public
concern."
But Agee said that "if an issue is of public concern, that concern is
likely more reason to avoid deciding it from a less-than-fully litigated
record." (Emphasis in original.)
Alan Snitow & Deborah Kaufman
Snitow-Kaufman Productions
2600 Tenth Street #603
Berkeley, CA 94710
510 841-1068
secr...@igc.org
www.snitow-kaufman.org
Facebook: Snitow-Kaufman Productions
--
Liberationtech is public & archives are searchable on Google. Violations of
list guidelines will get you moderated:
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe,
change to digest, or change password by emailing moderator at
compa...@stanford.edu.
