
It appears under USA-PATRIOT 216, virtually any information service provider is compelled to assist with a pen register implementation, which is bullshit. Prior to that, you could have not assisted, forcing the LEA to do it themselves, and if you had crypto and no technical ability to turn over the keys, it'd be at worst a shutdown. Now, you probably can be legally compelled to assist fully and subvert anything.

I assumed this stuff only applied to CALEA entities like PSTN, PSTN-interconnected VoIP, and broadband ISPs; it appears it is actually PATRIOT and means there's enough legal pretext to essentially always get keys:

1) Any non-CALEA entity probably does NOT have a system which can log every pen trap piece of data desired. If there's even a single thing which your system internally can't provide, LEA could argue that their own pen trap would be more effective, and could compel you to turn over keys to populate their device. They could compel you to generate new keys outside an HSM if you have technical controls to protect your existing keys from disclosure, too, and disguise that as "HSM failure" or something like that. It seems pretty open-ended.

A non-charitable view of the entire Lavabit thing is that it was a roundabout way/pretext to compel key disclosure. It doesn't matter if USG uses the keys illegally for something which isn't used in a criminal prosecution; the data in Snowden's mail is of intelligence value where those rules don't apply.

2) Unless Patriot 216 is found unconstitutional, Ladar is fucked, as is the entire US IT/cloud industry. I don't believe in Lavabit's "keys are protected" argument -- the court presumes LEAs are trustworthy, and will accept just restrictions in policy on what they can do with keys. Only eliminating pen registers for "arbitrary Internet services" will work, and that probably won't happen.

(IANAL)



