[liberationtech] Shuttering of Lavabit and Silent Mail Illustrate Potential Effects of a CALEA II

[LilBambi]

Thanks, much appreciated.

On Wed, Aug 14, 2013 at 3:20 PM, Joseph Lorenzo Hall <joe at cdt.org> wrote:
> (This gets a big wonky, but I figured many of you would be interested in
> reading our take. Please do share, forward, critique, etc.)
>
> https://www.cdt.org/blogs/joseph-lorenzo-hall/1408shuttering-lavabit-and-silent-mail-illustrate-potential-effects-calea
>
> # Shuttering of Lavabit and Silent Mail Illustrate Potential Effects of
> a CALEA II
>
> by Joseph Lorenzo Hall
> August 14, 2013
>
>
> With all the news during this “Summer of Snowden,” it can be easy to
> forget some of the issues that many of us worried about before the
> unprecedented sunlight cast into the U.S. surveillance apparatus. One of
> these issues, updates to the Communications Assistance for Law
> Enforcement Act (CALEA) (“CALEA II”), has resurfaced. With CALEA II, the
> FBI is pushing to expand to Internet applications the technology
> mandates of the 1994 CALEA statute, which requires telecommunications
> companies to design their services to be wiretap-friendly. Last week,
> two providers of encrypted email service – Lavabit[1] and Silent
> Circle’s Silent Mail[2] – announced that they were shutting down given
> the prospect of secret government demands for access. The news raises
> concerns that the government may be, in effect, achieving the goals of
> CALEA II without Congress’ approval and, moreover, with a sledgehammer.
>
> For the past several years, various law enforcement officials have been
> pressing for updates to CALEA in order to require a wide variety of
> online services to be wiretap-capable, a move that CDT has opposed. CDT
> and others have argued that CALEA II could slow or even block the
> development of innovative products providing secure communications to
> businesses and individuals. This past spring, technology experts issued
> a report[3] on CALEA II, arguing that requiring backdoors into end-point
> software and devices would make these products vastly less secure.
>
> Fast forward to last week: the secure email service Lavabit voluntarily
> shut down, without notice, based on an undisclosed judicial order that
> Lavabit founder Ladar Levison said put the privacy of Lavabit’s
> encrypted email users at risk. “Unfortunately, what’s become clear is
> that there’s no protections in our current body of law to keep the
> government from compelling us to provide the information necessary to
> decrypt those communications in secret,” Levison was quoted[4] as
> saying. A few hours after Lavabit announced its closure, Phil
> Zimmermann, the creator of the widely used PGP encryption and co-founder
> of Silent Circle, announced[5] that Silent Circle had decided to shut
> down its secure email product too, anticipating judicial demands in the
> future similar to the order Lavabit received.
>
> Secure communications tools are the backbone of modern e-commerce and,
> increasingly, of a wide range of online interactions. However, Lavabit
> clearly felt that it had to choose between violating the integrity of
> its users’ communications or ceasing operations. Likewise, Silent Circle
> pre-emptively shut its Silent Mail service down in anticipation of
> having to make a similar choice in the future when facing government
> demands.
>
> The result goes far beyond what Congress provided for even in CALEA I.
> That statute has a provision explicitly intended to preserve the ability
> of service providers to offer unbreakable encryption. (“A
> telecommunications carrier shall not be responsible for decrypting, or
> ensuring the government's ability to decrypt, any communication
> encrypted by a subscriber or customer, unless the encryption was
> provided by the carrier and the carrier possesses the information
> necessary to decrypt the communication.” 47 USC 1002(b)(3) (emphasis
> added)) CALEA I also explicitly states that it does not authorize “any
> law enforcement agency or officer to prohibit the adoption of any …
> service, or feature by any provider of a wire or electronic
> communication service.” Moreover, CALEA I allows, indeed encourages,
> companies to disclose the surveillance features they adopt by providing
> a safe harbor for compliance with “publicly available technical
> requirements or standards.”
>
> What did the government demand and under what authority prompted
> Lavabit’s shutdown? We don’t know, and that’s part of the problem. The
> Wiretap Act, which authorizes the government to intercept communications
> content prospectively in criminal investigations, indicates that a
> provider of wire or electronic communication service (such as Lavabit)
> can be compelled to furnish law enforcement with “all information,
> facilities and technical assistance necessary to accomplish the
> interception unobtrusively… .” 18 USC 2518(4). The Foreign Intelligence
> Surveillance Act (FISA), which regulates surveillance in intelligence
> investigations, likewise requires any person specified in a surveillance
> order to provide the same assistance (50 USC 1805(2)(B)) and so does the
> FISA Amendments Act with respect to directives for surveillance
> targeting people and entities reasonably believed to be abroad (50 USC
> 1881a(h)(1)). The “assistance” the government demands may include the
> disclosure of the password information necessary to decrypt the
> communications it seeks, if the service provider has that information,
> but modern encryption services can be designed so that the service
> provider does not hold the keys or passwords. Was the “assistance” that
> the government demanded of Lavabit a change in the very architecture of
> its secure email service? Was the “assistance” the installation of the
> government’s own malware to accomplish the same thing? Lavabit has not
> answered these questions outright, but it did make it clear that its
> concern extended to the privacy of the communications of all of its
> users, not just those of one user under one court order.
>
> We think the law is clear: if you’ve built a secure email service, the
> government can’t secretly force you to break it and rebuild it to be
> insecure under the “provider assistance” mandate that might accompany a
> surveillance order or directive. If that's what the government is
> demanding here, then we have CALEA II design mandates imposed by secret
> court order, going far beyond anything that Congress ever intended with
> the “assistance” requirements of current law and far beyond anything in
> CALEA I.
>
> If it is the government’s theory that existing law already empowers it
> to demand secret alterations in communications services, then the
> shutdowns of Lavabit and Silent Mail are very troubling indeed. Take
> just one concern: the personal safety of human rights activists who
> depend on secure email service in carrying out their work. The U.S.
> government has actually supported the development of secure
> communications tools for human rights activists. Does the shutdown of
> Lavabit mean that secure email services cannot be secure against
> government access? Or does it say the U.S. will not tolerate in the U.S.
> the kind of secure communications it is promoting in Iran or Tibet?
>
> Last week, President Obama committed his Administration to being more
> forthcoming about its surveillance activities in order to engender
> public trust. Allowing Lavabit to explain what it was about the
> government’s surveillance demands that prompted the company to shut down
> its service would go a long way toward building that trust. It would
> also tell us whether we can trust any service that promises security
> online. A negative answer to that question would have profound
> implications for both commerce and the democratic potential of the Internet.
>
> [1]: http://lavabit.com/
> [2]: https://silentcircle.com/web/silent-mail/
> [3]: https://www.cdt.org/files/pdfs/CALEAII-techreport.pdf
> [4]:
> http://news.cnet.com/8301-1009_3-57597954-83/lavabit-chief-predicts-long-fight-with-feds-q-a/
> [5]: https://silentcircle.wordpress.com/2013/08/09/to-our-customers/
>
> --
> Joseph Lorenzo Hall
> Senior Staff Technologist
> Center for Democracy & Technology
> 1634 I ST NW STE 1100
> Washington DC 20006-4011
> (p) 202-407-8825
> (f) 202-637-0968
> joe at cdt.org
> PGP: https://josephhall.org/gpg-key
> fingerprint: BE7E A889 7742 8773 301B 4FA1 C0E2 6D90 F257 77F8
>
>
> --
> Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu.