Ladar Levison shuttered his 10-year-old secure e-mail business in August, citing cryptic threats from the government. Last week, the documents in his case were unsealed, and the public learned what the government had sought from Lavabit: the ability to monitor in real time the e-mail of a single user. After discovering that there was no way to tap into the e-mail of the individual Lavabit user they were after, federal agents demanded Lavabit's private SSL key, which would give them the ability to monitor every Lavabit user.

The judge agreed and ordered Lavabit to comply, threatening $5,000-per-day fines against Levison if the company didn't. Levison supplied the private keys—and then shut down his e-mail service, destroying his 10-year-old business rather than giving the government the data it wanted.

The name of the target is still under seal, but it's now widely believed to be Edward Snowden. The government became embroiled with Lavabit in May, which is when Snowden disappeared from his job at Booz Allen Hamilton and the feds started looking for him.

After a certain amount of jockeying over deadlines, Lavabit's full appeal brief has now been filed, and it lays out with clarity the company's legal arguments.

E-mail services don’t have to wiretap for you

The government has suggested that it's entitled to get Lavabit's private keys for three reasons: the Pen Register Statute, the Stored Communications Act, and a grand jury subpoena. Lavabit attacks all three of those in its appeal.

The Pen Register Statute only requires that a company help the government install a "pen-trap" device upon issuance of a proper court order. That doesn't include handing over encryption keys, an obtrusive method which interferes with how Lavabit provides services. The government, Lavabit says, was asking for something that goes way beyond help installing a device.

"What the government has argued is, in essence, that an innocent third party must provide whatever information might hypothetically be needed to make the government's use of a pen-trap device effective—but that is not what the statute says," states the Lavabit appeal.

In a footnote, Lavabit notes that unlike traditional telecom businesses, an e-mail business isn't required to be wiretap-enabled at all. Lavabit is not "under any general obligation to operate an e-mail service that is easy to wiretap," write Lavabit's attorneys. "Nor does Lavabit have any legal duty to retain records about its customers, as businesses in more highly regulated industries do."

The Stored Communications Act allows the government to seize the contents of a particular communication—and private keys are not a particular communication, argues Lavabit. The keys are also not "information pertaining to a subscriber," which would be fair game under the SCA.

Industry standards actually require that Lavabit keep its private keys private. Lavabit's registrar, GoDaddy, revoked Lavabit's security certificate once it became public that the provider's keys were shared with the government.

400,000 users deserve the Fourth Amendment

Separately, Lavabit says the government's behavior is barred by the Fourth Amendment, which requires "probable cause that a search will uncover fruits, instrumentalities, or evidence of a crime." The private SSL keys "are none of those things: they are lawful to possess and use, they were known only to Lavabit and never used by the company to commit a crime, and they do not prove any crime occurred," says the motion.

And while the government would get access to the data of its target via the keys, it was also going to get access to data on all of Lavabit's 400,000 other customers, "including the contents of unencrypted messages and passwords that could be used to derive the keys necessary to decrypt customers' stored messages," Lavabit says. The government acknowledged it would have to go through all of that to get the data it wanted but "may have thought the collateral damage to the privacy of hundreds of thousands of people [was] outweighed by its investigative needs."

Fundamentally, Lavabit argues that there has to be some kind of limit on what kind of collection is allowed, and private SSL keys must be off limits. The brief continues:

[T]his is a very easy case. Lavabit’s private keys are not connected with criminal activity in the slightest—the government has never accused Lavabit of being a co-conspirator, for example. The target of the government’s investigation never had access to those private keys. Nor did anyone, in fact, other than Lavabit. Given that Lavabit is not suspected or accused of any crime, it is quite impossible for information known only to Lavabit to be evidence that a crime has occurred. The government will not introduce Lavabit’s private keys in its case against its target, and it will not use Lavabit’s private keys to impeach its target at trial. What the government seized from Lavabit, however, was not information about its target or the target’s crimes, but information about Lavabit. If the Fourth Amendment permits the government to seize information that is not the fruit, instrumentality, or evidence of a crime, but that would simply be useful in apprehending the suspect, there is no practical limit on the government’s gaze. It could demand the production of all manner of innocent information from all types of innocent people—no matter how intrusive or burdensome—so long as that information might plausibly assist in its investigation. (Perhaps the government could demand to read the diaries of a suspect’s friends, to learn what he was up to on certain days.) The government’s warrant was therefore invalid as unsupported by probable cause, and Lavabit should not have been held in contempt for disobeying it.

Amicus briefs supporting Lavabit are due in two weeks. The government's response is due November 4.