DALLAS — One day last May, Ladar Levison returned home to find an F.B.I.
agent’s business card on his Dallas doorstep. So began a four-month
tangle with law enforcement officials that would end with Mr. Levison’s
shutting the business he had spent a decade building and becoming an
unlikely hero of privacy advocates in their escalating battle with the
government over Internet security.
Prosecutors, it turned out, were pursuing a notable user of Lavabit, Mr.
Levison’s secure e-mail service: Edward J. Snowden, the former National Security Agency
contractor who leaked classified documents that have put the
intelligence agency under sharp scrutiny. Mr. Levison was willing to
allow investigators with a court order to tap Mr. Snowden’s e-mail
account; he had complied with similar narrowly targeted requests
involving other customers about two dozen times.
But they wanted more, he said: the passwords, encryption keys and
computer code that would essentially allow the government untrammeled
access to the protected messages of all his customers. That, he said,
was too much.
“You don’t need to bug an entire city to bug one guy’s phone calls,” Mr.
Levison, 32, said in a recent interview. “In my case, they wanted to
break open the entire box just to get to one connection.”
On Aug. 8, Mr. Levison closed Lavabit rather than, in his view, betray
his promise of secure e-mail to his customers. The move, which he
explained in a letter on his Web site, drew fervent support from civil
libertarians but was seen by prosecutors as an act of defiance that fell
just short of a crime.
The full story of what happened to Mr. Levison since May has not
previously been told, in part because he was subject to a court’s gag
order. But on Wednesday, a federal judge unsealed documents in the case,
allowing the tech entrepreneur to speak candidly for the first time
about his experiences. He had been summoned to testify to a grand jury
in Virginia; forbidden to discuss his case; held in contempt of court
and fined $10,000 for handing over his private encryption keys on paper
and not in digital form; and, finally, threatened with arrest for saying
too much when he shuttered his business.
Spokesmen for the Justice Department and the F.B.I. said they had no comment beyond what was in the documents.
Mr. Levison’s battle to preserve his customers’ privacy comes at a time
when Mr. Snowden’s disclosures have ignited a national debate about the
proper limits of surveillance and government intrusion into American
Internet companies that promise users that their digital communications
Much of the attention has been focused on Internet giants like Microsoft
and Google. Lavabit, with just two employees and perhaps 40,000 regular
users, was a midget by comparison, but its size and Mr. Levison’s
personal pledge of security made it attractive to tech-savvy users like
While Mr. Levison’s struggles have been with the F.B.I., hovering in the
background is the N.S.A., which has worked secretly for years to
undermine or bypass encrypted services like Lavabit so that their
electronic message scrambling cannot obstruct the agency’s spying.
Earlier in September, The New York Times, ProPublica and The Guardian
wrote about the N.S.A.’s campaign to weaken encryption. Mr. Levison’s
case shows how law enforcement officials can use legal tools to pry open
messages, no matter how well protected.
Mr. Levison said he set up Lavabit to make it impossible for outsiders,
whether governments or hackers, to spy on users’ communications. He
followed the government’s own secure coding guidelines, based on the
N.S.A.’s technical guidance, and engineered his systems so as not to log
user communications. That way, even if he received a subpoena for a
user’s communications, he would not be able to gain access to them. For
added measure, he gave customers the option to pay extra to encrypt
their e-mail and passwords.
Mr. Levison, who studied politics and computer science at Southern
Methodist University, started Lavabit in April 2004, the same month
Google rolled out Gmail. To pay his bills, he worked as a Web
consultant, helping develop Web sites for major brands like Dr Pepper,
Nokia and Adidas. But by 2010, the e-mail service had attracted enough
paying customers to allow Mr. Levison to turn to Lavabit full time.
On occasion, he was asked to comply with government requests for
specific e-mail accounts, including that of a child pornography suspect
in Maryland this year. Mr. Levison said he had no qualms about
cooperating with such demands, but the latest request was far broader,
apparently to allow investigators to track Mr. Snowden’s whereabouts and
associates. When Mr. Levison called the F.B.I. agent who had left the
business card, the agent seemed interested in learning how Lavabit
worked and what tools would be necessary to eavesdrop on an encrypted
The agent did not mention at first who the government was pursuing, and
Mr. Levison will not name the targets of the government’s investigation.
The name was redacted from the court order unsealed Wednesday, but the
offenses listed are violations of the Espionage Act, and the timing of
the government’s case coincides with its leak investigation into Mr.
Snowden, which began in May when he fled Hawaii for Hong Kong carrying
laptops containing thousands of classified documents.
By then, Mr. Snowden’s Lavabit e-mail address was already public. He had
listed his personal Lavabit e-mail address in January 2010, and was
still using a Lavabit address this July, when he summoned reporters to a
news conference at the Moscow airport.
That e-mail invitation proved to be an unintended endorsement for
Lavabit’s security. Before that, Mr. Levison said that, on average,
Lavabit was signing up 200 new users daily. In the days after Mr.
Snowden’s e-mail, more than 4,000 new customers joined each day.
But a month before the news conference, court documents show, Mr.
Levison had already received a subpoena for Mr. Snowden’s encrypted
e-mail account. The government was particularly interested in his e-mail
metadata — with whom Mr. Snowden was communicating, when and from
where. The order, from the Federal District Court in Alexandria, Va.,
required Mr. Levison to log Mr. Snowden’s account information and
provide the F.B.I. with “technical assistance,” which agents told him
meant handing over the private encryption keys, technically called SSL
certificates, that unlock communications for all users, he said.
“It was the equivalent of asking Coca-Cola to hand over its secret formula,” Mr. Levison said.
By July, he said, he had 410,000 registered users. Similar services like
Hushmail, a Canadian encrypted e-mail service, had lost users in 2007
after court documents revealed that the company had handed 12 CDs’ worth
of decoded e-mails from three Hushmail accounts to American law
enforcement officials through a mutual assistance treaty.
“The whole concept of the Internet was built on the idea that companies
can keep their own keys,” Mr. Levison said. He told the agents that he
would need their request for his encryption keys in writing.
A redacted version of that request, which was among the 23 documents
that were unsealed, shows that the court issued an order July 16 for
Lavabit’s encryption keys. Prosecutors said they had no intention of
collecting any information on Lavabit’s 400,000 other customers.
“There’s no agents looking through the 400,000 other bits of
information, customers, whatever,” Jim Trump, one of the prosecutors,
said at a closed Aug. 1 hearing.
But Mr. Levison said he spent much of the following day thinking of a
compromise. He would log the target’s communications, unscramble them
with the encryption keys and upload them to a government server once a
day. The F.B.I. told him that was not enough. It needed his target’s
communications “in real time,” he said.
“How as a small business do you hire the lawyers to appeal this and
change public opinion to get the laws changed when Congress doesn’t even
know what is going on?” Mr. Levison said.
When it was clear Mr. Levison had no choice but to comply, he devised a
way to obey the order but make the government’s intrusion more arduous.
On Aug 2, he infuriated agents by printing the encryption keys — long
strings of seemingly random numbers — on paper in a font he believed
would be hard to scan and turn into a usable digital format. Indeed,
prosecutors described the file as “largely illegible.”
On Aug. 5, Judge Claude M. Hilton ordered a $5,000-a-day fine until Mr.
Levison produced the keys in electronic form. Mr. Levison’s lawyer,
Jesse R. Binnall, appealed both the order to turn over the keys and the
After two days, Mr. Levison gave in, turning over the digital keys — and
simultaneously closing his e-mail service, apologizing to customers on
his site. That double maneuver, a prosecutor later told his lawyer, fell
just short of a criminal act.
He hopes to resurrect the business he spent a decade building.