My legal saga started last summer with a knock at the door, behind which stood two federal agents ready to to serve me with a court order requiring the installation of surveillance equipment on my company’s network.
My company, Lavabit, provided email services to 410,000 people – including Edward Snowden, according to news reports – and thrived by offering features specifically designed to protect the privacy and security of its customers. I had no choice but to consent to the installation of their device, which would hand the US government access to all of the messages – to and from all of my customers – as they travelled between their email accounts other providers on the Internet.
But that wasn’t enough. The federal agents then claimed that their court order required me to surrender my company’s private encryption keys, and I balked. What they said they needed were customer passwords – which were sent securely – so that they could access the plain-text versions of messages from customers using my company’s encrypted storage feature. (The government would later claim they only made this demand because of my “noncompliance”.)
Bothered by what the agents were saying, I informed them that I would first need to read the order they had just delivered – and then consult with an attorney. The feds seemed surprised by my hesitation.
What ensued was a flurry of legal proceedings that would last 38 days, ending not only my startup but also destroying, bit by bit, the very principle upon which I founded it – that we all have a right to personal privacy.