A court document in a drug smuggling case has shown that the private Hushmail email service has been cooperating with police in handing over user emails.

Hushmail claims to offer unreadable email by using PGP encryption technology and a company-specific key management system which it says will ensure that only the sender and recipient can read the emails.

However, it seems that the Canadian company has been divulging keys to the US authorities.

The court document (PDF) describes the tracking of an anabolic steroid manufacturer who was being investigated by the Drug Enforcement Administration (DEA).

The document alleges that the majority of those engaged in the trade in anabolic steroids use Hushmail to communicate.

The DEA agents received three CDs containing emails for the targets of the investigation that had been decrypted as part of a mutual legal assistance treaty between the US and Canada.

The news will be embarrassing to Hushmail, which has made much of its ability to ensure that emails are not read by the authorities, including the FBI's Carnivore email monitoring software.

"Hushmail's security cannot be broken or weakened by this government sponsored snooping software," the company states.

"The only way to decrypt or unscramble Hush messages is by using your pass-phrase when you open up your Hushmail account. Carnivore cannot decrypt your mail, and is powerless against messages sent between Hush users."