Ladar Levison, owner of the now-defunct encrypted email site Lavabit, made headlines back in August when he shut the service down to avoid “becom[ing] complicit in crimes against the American people.” But the Lavabit saga is far from over. Levison is currently appealing a July 16 court order commanding him to turn over the site’s private SSL (Secure Socket Layer) keys. The keys would enable the government to decrypt the emails of some 400,000 Lavabit users, in addition to the communications of the only actual target (who is assumed to be Edward Snowden). Court documents unsealed earlier this month show that Lavabit initially resorted to creatively resisting compliance with production requests, going so far as to provide the government the five requested keys in unreadable 4-point font.

To win its appeal, Lavabit must successfully challenge four legal authorities compelling production of the keys: first, an order issued under the Pen Register Statute, which requires Levison to install a pen-trap device to capture information coming in and out of the targeted email account and to hand over the encryption keys that render the information readable; second, a related compliance order; third, a grand jury subpoena; and fourth, a warrant issued under the Stored Communications Act.

In a recent interview with Democracy Now, Levison made clear that—contrary to what some media reports have implied—he is not seeking to protect Snowden’s emails. Rather, Levison protests what he perceives as the government’s attempt to gain indiscriminate access to all his users’ emails. As Levison explained, the government “wanted to peel back the encryption on everyone’s information as they were connecting to my server, just so that they could listen to this one user. But yet, at the same time, they wouldn’t provide any kind of transparency back to me to assure me that they were only collecting information on one user. And I had a real problem with that.” Along this vein, in its newly filed Fourth Circuit brief, Lavabit challenges the government’s demand for the keys as a wholesale violation of user privacy: “It is unthinkable that Congress would have given the government the authority to seize keys that would make it possible to intercept all of Lavabit’s communications with all of its customers . . . .”

The government, meanwhile, has pushed back against Lavabit’s focus on the sweeping nature of the government’s requested decryption powers by emphasizing the precautions it intends to take in handling the data. In its response to Lavabit’s motion to quash both the subpoena and the search-and-seizure warrant on Fourth Amendment grounds, the government argued to the district court that existing federal statutes “will continue to limit sharply the government's authority to collect any data on any Lavabit user—except for the one Lavabit user whose account is currently the subject of the Pen-Trap Order.” The government added, “It cannot be that a search warrant is ‘general’ merely because it gives the government a tool that, if abused contrary to law, could constitute a general search.”

At trial, the government offered some technical details as to how it would prevent such abuse. According to Wired, Prosecutor James Trump was able to convince Senior Judge Claude M. Hilton that “while the metadata stream would be captured by a device, the device does not download, does not store, no one looks at it. It filters everything, and at the back end of the filter, we get what we're required to get under the order. So there's [sic] no agents looking through the 400,000 other bits of information, customers, whatever.”