Iain Thomson at IENews tells us that Canadian ISP Hushmail has been giving the private keys to the DEA when their clients think they are sending PGP encrypted messages link here (hat tip to Zonk at Slashdot). The revelation occurred in a court case involving drug smuggling.

One must assume that other ISP's are doing the same thing and the idea that BitTorrent messages, often used in the exchange of copyrighted videos and music can be made secure is simply wrong. I had suggested otherwise link here. Mea culpa.

This post is slightly misleading.

The information was sent across Hushmail without the use of the Java applet, so the information came to Hushmail unencrypted. A court order requested the information, and, since Hushmail could produce it (and was obliged to under the US/Canada agreement), it did.

It does not seem keys were being proactively handed over (or at all, for that matter).

See here for more details (Wired)

Leaving aside for a moment the possibility that the government possess computing resources on the order of a quantum computer (unlikely), it is not possible for any eavesdropper to decipher a message encrypted with reasonable key length.

No computer involved in the delivery of my encrypted message has access to the original plaintext, so if the government wants to see my messages, they'll have to get from me directly or from my recipient.

You have not demonstrated that PGP is insecure, rather, that using Hushmail is insecure, which is not altogether that much of a surprise. It seems nonsensical to me that - your goal being privacy - you have an intermediary do the encryption you should be doing yourself.

The only thing that the given piece of news proves is that a cryptosystem is only as secure as the party that manages the keys. If you give the keys to an outsider (such as the management company), don't be surprised, if the key manager gives the keys to the government. If, instead, you keep your keys for yourself - the government needs you to hand over the keys.