Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Fwd: CryptoSeal shutters, ala: LavaBit

Joseph Lorenzo Hall joe at cdt.org
Tue Oct 22 06:43:52 PDT 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256



On 10/21/13 9:08 PM, Zack Brisson wrote:
> Naive question from an ignorant amateur:
> 
> What are the legal implications if service providers using any
> surveil-able channel offer terms of service stating they will:
> Terminate service provision prior to release of a user's
> information to a third party in instances where prior notice of
> intended release has not been made.
> 
> I don't understand enough of the law to determine whether or not
> the series of cases referenced below represents a new legal
> precedent or something else. I.e. Given the commercial implications
> of many communications facilitated services, could economic
> considerations create legal standing of comparable relevance to the
> security considerations? If a commercial entity complies with state
> coercion, in conflict with their commercial obligations that they
> have explicitly rather than implicitly made, who arbitrates the
> spread of loss & risk across actors?

I'm not sure any of us have particularly satisfying answers. I think
the crucial lesson from Lavabit is that close-to-end-to-end is not
good enough to avoid having keying material compelled or to have
compelled appliances attached to your network. Many of us are arguing
(and will continue to argue) that no secure communications service
should have to rearchitect itself to assist government surveillance.
So, if you keep private keying material in a central place that the
USG can think of a way of getting at it (or if they can get at
something that can allow them to get at private keying material),
you're going to have a bad time of it.

We're certainly watching the Lavabit appeal in the 4th Circuit and
will definitely call upon this community to speak up when it comes
time to write a friend-of-the-court (amicus) brief.

best, Joe

- -- 
Joseph Lorenzo Hall
Chief Technologist
Center for Democracy & Technology
1634 I ST NW STE 1100
Washington DC 20006-4011
(p) 202-407-8825
(f) 202-637-0968
joe at cdt.org
PGP: https://josephhall.org/gpg-key
fingerprint: BE7E A889 7742 8773 301B 4FA1 C0E2 6D90 F257 77F8


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (Darwin)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEAREIAAYFAlJmgRgACgkQwOJtkPJXd/iWNACffcxLYZEPAVGNePvS7D2WBrLk
FYkAoIWzNhSTA4Tjn5Ux31b7u7F2Sv5x
=EUA0
-----END PGP SIGNATURE-----




More information about the liberationtech mailing list