Lavabit founder Ladar Levison. Photo by Gage Skidmore.
Who do you work for?
Most of us ultimately work for our clients or customers. But people who run companies that provide communications services are learning that they may actually work for the government - or at least the government thinks so.
Last week The New York Times reported on newly public details of the events that led Ladar Levison to close his company, email provider Lavabit. The small company received a publicity boost when it became known that National Security Agency contractor-turned-leaker Edward Snowden used the service due to its above-average security features.
Unfortunately for Levison, increased awareness included attention from the FBI, which was pursuing information on Snowden and his contacts. While Levison was willing to cooperate in tapping Snowden’s personal account under a court order, he was not willing to provide information that would essentially open the accounts of all Lavabit’s users to the authorities. “You don’t need to bug an entire city to bug one guy’s phone calls,” Levison said in a recent interview.
While Levison had opened individual accounts to law enforcement in earlier cases, that was not good enough for the officials pursuing Snowden. This conflict led to a standoff; eventually, Levison turned over Lavabit’s encryption keys and, on the same day, shuttered his service. He posted a letter on his website explaining his decision to the extent he legally could. He also noted, “[…] without congressional action or a strong judicial precedent, I would _strongly_ recommend against anyone trusting their private data to a company with physical ties to the United States.”
The Times reported that the prosecutor in Levison’s case told Levison’s lawyer that handing over encryption keys to a site while simultaneously shutting it down fell just short of a criminal act. Presumably the crime in question would be obstruction of justice, or possibly violating the court’s order that Levison produce his site’s encryption keys in electronic form.
Regardless, the implication is clear. If you run a communication business, you are working for the spymasters. And if the spymasters think your communication channel is useful to them, you have an obligation to keep running it for their benefit, regardless of your principles or of the obligation you hold to preserve your customers’ confidentiality.
Even the biggest businesses in the country have, until now, been unable to stand up to government pressure. No major telecommunication company has challenged the government’s data requests to this point, and the government contends that customers do not have the standing to challenge the process themselves. Even the threat of the full force of that pressure is enough to put businesses like Levison’s out of business. His decision to hold to his principles meant watching a decade of his life slip down the drain, with the added burden of a legal fight his two-person business was not equipped to sustain.
Levison’s struggle is one of many new developments in an unfolding story that has not yet shown any sign of reaching its climax. According to Sen. Ron Wyden, D-Ore., who along with Snowden has emerged as a hero of this drama, the security establishment continues to hide exactly what they’ve been doing, as well as when and why.
Wyden asked Gen. Keith Alexander, the head of the NSA, “whether the NSA has ever collected or made any plans to collect Americans’ cell-site information in bulk,” at a recent hearing. Alexander denied it. Yet last week The New York Times reported that a secret NSA project in 2010 and 2011 did just that. James R. Clapper, the director of national intelligence, noted when confirming The Times’ story that the data was only used to test a program that never went forward. The data “was never available for intelligence analysis purposes,” he said. There is a gap, however, between “never used” and “never collected.”
At the same Senate Judiciary Committee hearing, Alexander acknowledged that the NSA collects data on Americans through social networks. However, he was quick to call a recent Times article claiming as much “inaccurate and wrong.” Alexander did not specify what the article was wrong about; his only specific rebuttal was to deny that his agency built “dossiers” on Americans, though The Times article never suggested that it did.
The continued near-silence from top-level executive branch officials, starting with the president but also including Attorney General Eric Holder and the current and former secretaries of state, is beginning to verge on the bizarre. Yes, we know the president has a lot on his plate right now, but just weeks ago, the apprehension of Snowden seemed to be all the administration cared about. Yet Obama and those near him evidently have nothing to say about what change, if any, we need to make in our security laws and in the conduct of the security agencies that carry them out. Even at the Judiciary Committee hearing that was meant to focus on proposed NSA program reforms, Alexander and Clapper spent more time fielding questions about current practices than discussing the potential for change.
For those of us old enough to remember the era of J. Edgar Hoover, this is all beginning to seem familiar. The NSA has set itself up to be mistrusted, considering the number of practices it has first denied and later acknowledged. So perhaps we should exercise skepticism when the agency says it does not keep dossiers on Americans.
That might be true for most of us. But given the silence from above, it’s fair to wonder whether the spooks are keeping files on at least a few of their fellow citizens - namely the ones who are supposed to be minding the people who seem to be minding our business.