The founder of the secure email system used by NSA whistleblower Edward Snowden has raised over $50,000 to fund his legal battle with the US government.
Ladar Levinson, founder of secure email service Lavabit, arrived home in May of last year to find a business card from an FBI agent on his doorstep. This was the first sign of a four month face-off with the US authorities which ultimately led to Levinson voluntarily shutting down the secure email service he had spent a decade building up.
As he said himself, the only other option open to him was "to become complicit in crimes against the American people."
Now Levinson is facing a huge legal bill after he defied two separate FBI orders to reveal not only details about his most prominent customer - Edward Snowden - but more importantly refused to hand over the passwords, encryption keys and computer code which would have given the US authorities unfettered access to all his 400,000 customers' accounts.
Levinson is currently preparing "to fight for the constitution" in the Fourth Circuit Court of Appeals in Virginia with a favourable decision allowing him to resurrect the Lavabit service. He has set a target of almost $100,000 to fund his legal challenge - because "defending the Constitution is expensive" - and has now reached over half of that total.
Among those supporting Levinson financially are renowned Apple blogger John Gruber, Pinboard developer Maciej Ceglowski and writer Merlin Mann.
Newly unsealed document have revealed just how what informaiton the government was seeking to get from Levinson.
The initial order was served on 28 June with a request by the US government to record and reveal to the authorities the email "from" and "to" lines of every email, as well as the IP address used the access the mailbox of one particular user.
While the newly unsealed orders redact the name of the person in question, the offences under investigation are listed as violations of the Espionage Act and theft of government property, which are identical to the charges Snowden is facing in the same Virginia court.
When Lavabit and Levinson refused to comply with the order, the government complained: "The representative of Lavabit indicated that Lavabit had the technical capability to decrypt the information, but that Lavabit did not want to 'defeat [its] own system."
In the middle of July, the government increased the pressure on Lavabit and issued a second order, this time requiring Levinson to hand over "all information necessary to decrypt communications sent to or from the Lavabit e-mail account [redacted] including encryption keys and SSL keys."
Had Levinson complied, it would have effectively given the FBI the ability - along with a wiretap - to monitor all communications between Lavabit email users and the website. The newly unsealed documents however indicate the FBI was still only seeking information on one customer in particular.
Privacy at stake
At a closed-door hearing on 1 August, in front of senior US District Court Judge for the Eastern District of Virginia, Claude M. Hilton, Lavabit attorney Jesse Binnall laid out just what complying with this new order would mean:
"The privacy of Lavabit's users are at stake. We're not simply speaking of the target of this investigation. We're talking about over 400,000 individuals and entities that are users of Lavabit who use this service because they believe their communications are secure. By handing over the keys, the encryption keys in this case, they necessarily become less secure."
While it appears as if Levinson was at this stage willing to comply with the original order to hand over the metadata on Snowden, the US authorities were no longer willing to leave it at that.
"Anything done by Mr. Levison in terms of writing code or whatever, we have to trust Mr. Levison that we have gotten the information that we were entitled to get since June 28th," prosecutor James Trump told Hilton. "He's had every opportunity to propose solutions to come up with ways to address his concerns and he simply hasn't."
Hilton ruled in favour of the government:
"[The] government's clearly entitled to the information that they're seeking, and just because you-all have set up a system that makes that difficult, that doesn't in any way lessen the government's right to receive that information just as they could from any telephone company or any other e-mail source that could provide it easily."
In a bid to avoid contempt of court and possible jail time, Levinson came up with a unique method of compiling with the order to reveal the private SSL keys the FBI were after.
Levinson handed the SSL keys over as an 11-page document printed in tiny 4-point type which made them all-but illegible.
"To make use of these keys, the FBI would have to manually input all 2,560 characters, and one incorrect keystroke in this laborious process would render the FBI collection system incapable of collecting decrypted data," prosecutors wrote.
The court ordered Levinson to supply the more useful electronic copy and on 5 August with Levinson still refusing, the court ordered Lavabit be fined up to $5,000 a day until the keys were handed over. Three days later the service was shut down.