A Government Error Just Revealed Snowden Was the Target in the Lavabit Case
It’s been one of the worst-kept secrets for years: the identity of the person the government was investigating in 2013 when it served the secure email firm Lavabit with a court order demanding help spying on a particular customer.
Ladar Levison, owner of the now defunct email service, has been forbidden since then, under threat of contempt and possibly jail time, from identifying who the government was investigating. In court documents from the case unsealed in late 2013, all information that could identify the customer was redacted.
The documents were posted on March 4 to the federal court system known as Pacer as part of Levison’s long battle for transparency in the case that ruined his business. They were spotted this week by the transparency site Cryptome and published online.
Here’s a quick recap of that case: On June 28, 2013, shortly after newspapers published the first NSA leaks from Snowden, FBI agents showed up at Levison’s door in Texas and served him with a pen register order requiring him to give the government metadata for the email activity of one customer’s account.
The case was initially sealed and the public didn’t learn about it and the fight over Levison’s customer until after he had shuttered his email service in defiance of the government. But even after he closed Lavabit and there was no hope of the government obtaining information about the account that it had been seeking, the target was never identified. When some of the documents in the case were finally unsealed in redacted form in October 2013, however, the unredacted parts left little doubt that the Lavabit case was about Snowden, who was known to be using a Lavabit account in the spring of 2013 when his first NSA leaks were published and when he was hiding in a safe house in Hong Kong. It was still an educated guess, however.
Cut to now. With the Lavabit case long ended, Levison has kept fighting to get more of the documents unsealed and unredacted. He’s been using money raised by supporters back in 2013 to fund the fight for transparency. He filed a motion in December asking an appeals court to unseal documents and vacate a non-disclosure order that has silenced him about the target. It turns out he was a little more successful in that latter request than he thought he was—with a little help from a government error. After a hearing earlier this year, a court denied his motion to unseal and vacate but ordered US attorneys in the case to re-release all “previously filed pleadings, transcripts, and orders” with everything unredacted except “the identity of the subscriber and the subscriber’s email address.” After some negotiation, the government got the court to agree to let it redact other information as well that might harm its investigation into the target.
Then the government messed up. When the documents were re-posted to Pacer this month, Snowden’s Lavabit email address was left unredacted in plain sight in an August 2013 document.
When asked for comment, Levison’s lawyer Jesse Binnall told WIRED in an email that “due to the letter and spirit of the court’s January 7, 2016 order, Lavabit has no further comment on the unredacted email address.”
Binnall is referencing the January 2016 order in which the court denied Levison’s motion to unseal records and vacate the non-disclosure order in the case.
WIRED spoke with Levison, prior to his learning that the government had made the redaction error, about his struggle to obtain transparency. “Three years later, I still cannot tell you who they were after. I keep getting asked the question, and I can’t answer.”
Now, it appears he doesn’t have to. The government has answered for him.
But federal authorities recently screwed up and revealed the secret themselves when they published a cache of case documents but failed to redact one identifying piece of information about the target: his email address, Ed_Snowden@lavabit.com. With that, the very authorities holding the threat of jail time over Levison’s head if he said anything have confirmed what everyone had long ago presumed: that the target account was Snowden’s.
Yeah it was on PACER, but it was one of those CMECF reports, those things are expensive! So the admin of Cryptum will end up most likely paying hundreds of dollars for this one. I would too, if I would’ve ran the thing! Also, Of course anyone running the report saw it first, but I saw Snowden’s email address before Wired wrote this article, and before my Twitter search blew up, it’s now at almost 3000 items. I have a way to prove this:
I tweeted this last night. https://t.co/M30G50jmPm
— Noelle (@webgurl) March 17, 2016
Then, I quoted myself this afternoon saying I tweeted it last night. Lol, a friend of mine pointed out that it was a bit redundant, but I was in the middle of reading 560 pages!
If I wanted to finish the document, I had to reread the 41 page ruling from the fourth Circuit, I thought time might give me a different perspective on that one. Nope, time doesn’t change anything. In fact in rereading it, I forgot how many times they either said “it makes no difference,” or “Lavabit failed.” Then there’s the response to the latest motion to unseal. This little section well, it just stood out. “The Non-Disclosure Order, by contrast, precludes a single individual, Mr. Levison, from discussing a narrow set of information he did not know before this proceeding commenced, in order to protect the integrity of an ongoing criminal investigation. although the nondisclosure requirement is triggered by the content of a category of information, that category, consisting of the fact of receipt of [a National Security Letter] and some related details, is far more limited than the broad categories of information that have been
at issue with respect to typical content-based restrictions.”
You’re either confirming my 2013 theories, or well… I’m not sure why you’d talk about an NSL. I understand they were making a citation here, but there’s a way to make the citation without saying “consisting of the fact of the receipt of a national security letter.” As far as we all knew, the order wasn’t for that originally. I suppose if they wanted to make it less clear, the words “for instance” or “such as” should probably have been used.
This thing took me 5 and a half hours to read, I finished it at 1:21 this morning. If I’ve learned one thing about this case, it’s even more long and winding than I thought. Topped only by the Wikileaks case, and that isn’t taking place here. Of course, Apple could definitely outdo this one.