What I don't understand is why anyone trusted businesses (such as CertiVox and Lavabit) to keep their emails secure?
Because they didn't consider "because terrorism" to be a security threat that could penetrate privacy and property laws. Lavabit has proven that the Third-Party Doctrine means that once you give data to a business, you're giving it to the government.
Me personally? Because I don't actually need secure email (and so didn't use Lavabit or CertiVox).
My point is that if I did want secure email, I wouldn't trust a company whose email system architecture meant that they could read my email.
A personal email server might be a good solution, but then you have to maintain it. It seems as though it should be possible for a company to build an email system (and offer it as a service to customers) whereby they _couldn't_ read users' email.
This seems like a good thing. (And as a nice side-effect, the government can't then issue them with a warrant to read your email. Although that's not to say they can't read your email in other ways.)
I'm not aware of any companies providing double-blind encrypted email services, but they may be out there. Certainly they would eventually be accused of providing harbor to terrorists and other unsavories. At best, it sidesteps the problem of the lack of legal privacy protections when using a service provider of any kind.