Skip to main content

Secure email service Lavabit relaunches, citing need for security in ‘post-Snowden world’

Secure email service Lavabit relaunches, citing need for security in ‘post-Snowden world’


The service shut down rather than hand over its SSL private keys

Share this story

Ladar Levison of Lavabit

When Edward Snowden leaked details of the NSA’s mass surveillance program PRISM in 2013, he had been using a secure email service called Lavabit. Later that summer, the service shut down after the government ordered its owner to turn over the site’s encryption keys.

Now, four years later, Lavabit is relaunching.

On January 20th, Lavabit founder Ladar Levison published a note announcing that he was relaunching Lavabit. He explained that while much has changed since the site was originally closed down, “much has not in our post-Snowden world,” and alluded to some of the major email leaks that demonstrated some of the security issues that email faces.

Former users of the service will be able to access their old accounts as well, and can migrate their accounts to the new protocols. The site will soon allow new users to sign up; they can preregister for the service at a discounted price, which normally will cost $30 for 5GB of storage or $60 for 20GB of storage.

Levison also said that he is now releasing a 2013 Kickstarter project to the public. The project, Dark Internet Mail Environment (DIME) and an email server called Magma, is an open-sourced communications platform that provides end-to-end encryption. DIME provides three levels of privacy for users: Trustful, Cautious, & Paranoid, in a user-friendly interface.

Lavabit was first launched in 2004 by programmers who had concerns about Gmail’s security, and allowed its 410,000 users to encrypt their emails. In the months following Snowden’s leaks, Levison told users that he was shutting down the service in order to protect the users of the site. He noted that he was unable to explain why, which led to speculation of a gag order. It turns out that he had been served with a search warrant that ordered him to turn over the system’s encryption and secure socket layer (SSL) keys. Rather than compromise his users, Levison opted to shut the site down.

The timing of Lavabit’s relaunch isn’t coincidental: with his election, President Donald Trump has inherited a massive and powerful surveillance apparatus in the form of the various US intelligence agencies, which can operate with little oversight. This isn’t just a concern within the United States either: the United Kingdom recently granted its police and intelligence agencies unprecedented powers to monitor its citizens.

Lavabit also returns at a time when there are more options for consumers to protect their traffic, such as WhatsApp or Facebook Messenger, both of which introduced end-to-end encryption last year.