While commenters are mentioning that this particular method has not been tested in court, is there any reason to believe that it wouldn't work? Similar situations have happened before when a group loudly says "no comment" and this is interpreted as a confirmation. E.g. in the case of the leaks last week, Google, Facebook, MS, etc explicitly denied that they were involved in blanket government surveillance, but Verizon only said "no comment"[1] in an internal email about the phone metadata news story. If the government could actually force them to lie, then they would have issued an explicit denial like the other companies.
Outside of spy fiction and conspiracy theories, I haven't seen any evidence that the government can legally force someone to lie (vs just a no comment) in order to cover up an NSL or FISA order.
Is there any evidence that they would able to force a company using a warrant canary to issue a fake one or respond with anything other than "no comment" to direct questions from the media?
If you say "No comment" and it leaves open more than 1 possibility then it would be unfair to ascribe any particular positive statement to that.
On the other hand, if you're pre-arranged that you will simply fail to communicate something after a certain event then there is no doubt what statement has been made. A judge will see right through this if it's tried and probably impose contempt of court. If one were to try something like this it would be essential to broaden the scope enough that it couldn't be used to reference a specific gag order.
Agree with the second half of this statement - this idea is too cute by half for the courts. Acts and omissions both have significance under the law, as does the context of acts and omissions. If the warrant canary convention was considered by the court as context for a statement, it is very likely the court would rule that a statement had been made. The only way around this would be to have an evidentiary mechanism by which a company can prove that it has no control over the canary. This gives rise to the old conundrum: it's logically impossible to prove a negative (although you might be able to under various burdens of proof like "balance of probabilities" or some such).
Edit: Ultimately, legality turns on the statutory language of the provision in the Patriot Act that obligates businesses not to disclose (anyone know what it is?). The approach as originally proposed by by Steven Schear (http://tech.groups.yahoo.com/group/cypherpunks-lne-archive/m...) was for the ISP to simply not answer a direct inquiry by a customer about whether or not a warrant has been served. The advantage of this approach is that it is far harder to provide evidence to the effect that not responding to the question in that context is a statement. The disadvantage is that a non-response might not provide certainty to the person who asked the question. Effectively, the more that a clear convention is formed around the "canary mechanism", the higher the risk that a court would hold conduct in association with the convention in breach of the statutory obligation not to disclose.
>A judge will see right through this if it's tried and probably impose contempt of court. If one were to try something like this it would be essential to broaden the scope enough that it couldn't be used to reference a specific gag order.
[citation needed]
Has there been a case where the judge forced a civilian to lie?
Sadly, this probably would not hold up in court, if the government ever tried to challenge it (why would they, though? The last thing they want is a ruling against them; better to just threaten ISPs with more regulation). On the other hand, a company might get away with a plausibly inadvertent side channel e.g. something like this:
"Your honor, we went above and beyond the law, creating a special system for handling lawful surveillance requests by the FBI and NSA. Unfortunately, the expanding volume of surveillance requests has overwhelmed this system, resulting in unintentional increases in latency experienced by surveillance targets. Our technical support staff is developing a solution..."
Anti Money Laundering legislation normally lists an offence known as 'tipping off'. If during a transaction a bank or regulated financial agent becomes suspicious of a client or a transaction then they are not only obligated to report it to the authorities but they are explicitly prevented from communicating their suspicions in any way to the client.
If the client is asking why the transaction or payment is delayed while the authorities investigate then the regulated company cannot mention the real reason and have to try and make up a lie or explain that some other entity is responsible for the delay and they don't know the real reason.
This is true in the UK at least and I assume you can see how it relates to the Warrant Canary concept. I will add that the tipping off offence is backed up with the threat of jail time for staff and directors in a company.
The relevance of the article has changed, hence the upvotes. The point of the system is to deliver articles, that at any given time, are most relevant to the audience reading them (which is why I would imagine I have not seen many articles about Fortran frameworks or the Princess Diana death on the front page as of late). It's also the reason that articles have a karma decay formula based on time.
Instinctly, I would agree with you. As a counter-argument though, the gun industry has been able to pull off many legal hacks with similar spirit. See "bullet buttons", 80% lower receivers, or bump-firing attachments. These all got around the spirit of laws and are routinely done now. I don't see why the computer industry can't have their set of legal hacks.
The difference is that this doesn't get around the "spirit of the law", but directly acts in breach of it. They are essentially creating a heart beat, and using a break in that heart beat to signal that a certain event has taken place.
As best as I can tell, that is disclosing information.
Perhaps they could be sued either way. If a company states on their website that "We do not do X", and then starts doing X they are left with two choices, leaving a false message up or taking it down.
If they leave it up, and the truth eventually comes out, could they be sued for misleading their shareholders?
If they take it down does that open them up to being sued by the government?
You are correct that a company could be sued for other things, such as lying. My point is that a warrant canary _does_ disclose information; specifically through implication. I am sure that in a court of law, given that an implication made by a warrant canary is reasonably obvious, it could be argued that the party in question was indeed attempting to disclose information prohibited by the gag order, and as such, is in breach of the gag order.
Say I'm a hosting company. I doubt that the authorities can compel me to lie to my customers in the form of not terminating the canary. Moreover, I think I have every right to choose to terminate any running process on my machine. The implications of the "canary understanding" between me and my customer should have no bearing on those fundamental facts.
They judge won't have to compel you to lie. He'll simply instruct you not to communicate with your customers in any way about the warrant.
If you cancel the canary and your customers find out about the warrant, the judge won't care how you dressed it up.. he told you not to communicate a fact, and you did.
You can't game your way around that.. the court will care about outcome, not method.
This is the common sense position, but nothing about it being common sense prevents them from telling you to do otherwise. These are people that justify their system with the system that remains otherwise unjustified.
It's effectiveness is not proven one way or another, as it has not been implemented by many people, or tested in a court of law. At best, it's a novel hack.
Too bad the law is interpreted by people and not computers. These kinds of hijinks are frowned upon in courts. "Here look, I'll illuminate the pixels that aren't part of the message and leave the other pixels dark!"
This is a very important distinction to remember when you hear people trying to find little technicalities around the law. This solution may subvert the letter of the law but it does not give you immunity from the spirit of the law (which is considered in courts).
Also, if you are going to try to make a play against the letter of the law you need to be excellent at maneuvering the details, which this solution is not. The definition of "disclose the existence of" is not confined to explicit verbal or written behavior and this could by every definition be disclosing the existence of something.
Something that would have a better chance of holding in court would be to encrypt the NSA Requests for information in a file, host them publicly but "lose" the keys. It would be hard to prove that it was more than negligence.
The whole 4'33" thing kind of broke down for me; I thought the point for Cage was to capture the ambient sound of the area where the performance was taking place? He wasn't making a statement about different types of absolute silence, he was commenting on the different types of imperfect silence in an analog environment.
He wrote that whole essay without using the r-word once, it is of course pretty obvious that digital files are made of bits, but it's reductionism to see them as only bits.
That's not unique to binary at all, humans are only fleshy machines made of cells, cells are only collections of atoms and atoms are only energy. Of course the universe doesn't care about any of those distinctions, those distinctions are "just" colorings imposed by our worldview.
Or we can use the same logic that the Clapper and Alexander use. Instead of the canary, just publish a database containing a list of the NSLs. Distribute a client that syncs the database, and disallows logins if your user is affected. Politely ask that your users not attempt to view the information in the database that has been sent to them periodically.
Since no human actually read the contents, they didn't "collect" your communication, so you haven't broken the law.
Remember, they themselves set the legal standard so that you can have all of the data you want, but it doesn't count as you officially having it until you actually look at it!
"We only have the capability to record your activity on server X. Currently you are using server Y. Click here to be re-assigned servers."
In other words, if such a company got an warrant regarding a user, they would always handle that user on server X. Therefore, that user would be able to tell they were being monitored (to some % certainty) by refreshing their server assignment several times. If they were always assigned to server X, they could conclude that the company was probably trying to record their activity. A user couldn't be 100% certain because it would be possible that they were randomly assigned to X every time.
If the software is automatically set to report that the provider has not received a warrant, then when it receives an order, it must undertake an action to tell the software not to post that it hasn't received an order. A judge would likely rule that this action is a violation of any confidentiality provisions, since the intent of the system is clearly laid out in advance. It's no different than working out a specific hand signal in advance to notify someone of trouble - flashing that signal is a violation.
just going wild here, but what if say, i create a license agreement with a third-party such that anytime data is retrieved from my backend system, it trips a wire, and this third party will receive the notification that this wire is tripped.
When the NSL comes, this system will disclose information, violating the NSL. So you are compelled by law to remove the trip wire. The third party periodically requests data from me, and notices the wire didn't trip.
Well, that actually may fly (arguably). The difference between that and the "warrant canary" is that you are not specifically taking an action in response to the NSL that is designed to notify another person in violation of the order/letter. What you are talking about is more of an intrusion detection system.
Simple solution: A startup firm that warrant canaries FOR you. Every week your company receives a phone call. The pre-arranged contact is asked "Were any federal subpeonas issued for you to disclose customer data in a blanket fashion?"
The normal reply would (hopefully) no. Otherwise it might be "no comment."
I believe this would absolve the contact in question from perjuring themselves under the fifth amendment and would be no different than those "our website is hackproof" badges that get sold.
This is essentially the same system, but with a middle man. It may obfuscate some of the players involved, but it doesn't solve the issue that you are still disclosing information due to the pre-agreed context of the conversation.
I wonder about the situation where you didn't pre-arrange it. You just start cold-calling companies and asking them on a regular basis. Assuming you found a company that started out giving you a straight answer, then later moved to "no comment" due to receiving such a thing, which one of you would be liable?
my own take is each person asks individually (through a service) and the company is then forced to respond via an automated method (or set up an api) to deal with the deluge of requests (sound familiar?)
I feel for something like this to have a chance of holding up in court, the company would have to be less up front about the purpose of it. rsync tells the user that if they miss a day, or it stops getting updated, then something is wrong. I think without statements like that, and calling it canary.txt, they would stand a better chance of holding this up in court.
A number of people have pointed out that this method probably wouldn't hold up in courts because you are, in effect, communicating the existence of a NSL by ceasing to update the canary. And when courts consider the legal rights of a government body charged with fighting terrorism against the ill defined rights of a server owner to control the content of their server, the rights of the former are likely to trump those of the latter.
But since the purpose of this method is to effect civil disobedience, maybe the same end could be realized via different means. Hypothetically speaking, if a service provider kept a database of all NSLs received, but failed to strongly secure the database, leading to its access by an outside third party, this shouldn't constitute "communication". The database could perhaps be made accessible via a URL ("to enable remote workers to view and process NSLs" or some plausible justification) but protected by a weak password. An employee of that service provider could then secretly leak the password to a third party. Bad network security is not a crime, and unless the third party revealed that the password had been leaked, there would be no way to prove that it wasn't guessed or brute forced.
Fail deadly mechanisms go off unless they are explicitly told not to. During the cold war, Russia implemented fail deadly policies in an attempt to assure a retaliatory nuclear strike would go off even if most in power were taken out by a first strike.
of course they have. For example, having corporate "document retention" policies that are actually destruction policies is usual to avoid risks associated with legal discovery.
And actus reus is a fairly critical technical element of the law. If a company has a policy of issuing (true) warrant canaries, the non-act of not issuing a (false) canary would be a significant technical hurdle to prosecution. And the 1st amendment would be a significant hurdle to coercing a person to issue (false) canaries.
Part of the risk that "document retention" policies mitigate is the risk of a staggeringly expensive legal discovery phase--not just the removal of potentially damaging correspondence per se. Imagine that your company kept 100,000 volumes of dense text on file, and frequently had to pay a legal team to pore over those volumes and think about which parts might be germane to routine legal disputes. Good for the lawyers' billing, but ruinous for the business.
Presumably the authorities in question avoid issuing gagged orders to anyone who would use such a thing: They're likely to fight the gag, or likely to leak— better to use another approach.
I can easily imagine an authority issuing a warrant to rsync.net without knowing that there is a canary in place. It seems less likely for an NSL with an attached gag order, but still possible.
I was wondering about something similar yesterday; the feasibility of a provider truthfully indicating receipt whilst staying within the confines of the law.
For a 'regular' warrant, a provider can "confirm" or "deny" being served. Presumably they can "deny" being served a secret warrant if one hasn't been served, because the terms of a secret warrant presumably only require them to decline acknowledgement if they've been served, in which case they could "neither confirm nor deny", couldn't they?
What if you had a security vulnerability on a server which contains a record of NSL's/subpoenas (for administration purposes), which is conveniently exposed on the internet. A customer could "hack" your server, and obtain the information, thus it isn't the ISP's fault - in fact, the isp claims no knowledge of this vulnerability at all.
This concept strikes me as really weak. It acts under the pretense that a gag order is valid. The whole concept of a gag order needs to be confronted, not skittered away from.
Within the construct of the US government, these type of gag orders are legally valid at this point in time. Whether they should be is another matter all together, but given precedent, the assumption that they are valid is rational.
There is a lot of confusion around this topic so let's get something out of the way: none of the companies mentioned in the leak were served ANY search warrants.
The participating companies were active participants in the spying scheme using the Patriot Act and FISA requests, not search warrants.
While commenters are mentioning that this particular method has not been tested in court, is there any reason to believe that it wouldn't work? Similar situations have happened before when a group loudly says "no comment" and this is interpreted as a confirmation. E.g. in the case of the leaks last week, Google, Facebook, MS, etc explicitly denied that they were involved in blanket government surveillance, but Verizon only said "no comment"[1] in an internal email about the phone metadata news story. If the government could actually force them to lie, then they would have issued an explicit denial like the other companies.
Outside of spy fiction and conspiracy theories, I haven't seen any evidence that the government can legally force someone to lie (vs just a no comment) in order to cover up an NSL or FISA order.
Is there any evidence that they would able to force a company using a warrant canary to issue a fake one or respond with anything other than "no comment" to direct questions from the media?
http://www.buzzfeed.com/mattlynley/verizons-internal-memo-to...
If you say "No comment" and it leaves open more than 1 possibility then it would be unfair to ascribe any particular positive statement to that.
On the other hand, if you're pre-arranged that you will simply fail to communicate something after a certain event then there is no doubt what statement has been made. A judge will see right through this if it's tried and probably impose contempt of court. If one were to try something like this it would be essential to broaden the scope enough that it couldn't be used to reference a specific gag order.
Agree with the second half of this statement - this idea is too cute by half for the courts. Acts and omissions both have significance under the law, as does the context of acts and omissions. If the warrant canary convention was considered by the court as context for a statement, it is very likely the court would rule that a statement had been made. The only way around this would be to have an evidentiary mechanism by which a company can prove that it has no control over the canary. This gives rise to the old conundrum: it's logically impossible to prove a negative (although you might be able to under various burdens of proof like "balance of probabilities" or some such).
Edit: Ultimately, legality turns on the statutory language of the provision in the Patriot Act that obligates businesses not to disclose (anyone know what it is?). The approach as originally proposed by by Steven Schear (http://tech.groups.yahoo.com/group/cypherpunks-lne-archive/m...) was for the ISP to simply not answer a direct inquiry by a customer about whether or not a warrant has been served. The advantage of this approach is that it is far harder to provide evidence to the effect that not responding to the question in that context is a statement. The disadvantage is that a non-response might not provide certainty to the person who asked the question. Effectively, the more that a clear convention is formed around the "canary mechanism", the higher the risk that a court would hold conduct in association with the convention in breach of the statutory obligation not to disclose.
4 replies →
>A judge will see right through this if it's tried and probably impose contempt of court. If one were to try something like this it would be essential to broaden the scope enough that it couldn't be used to reference a specific gag order.
[citation needed]
Has there been a case where the judge forced a civilian to lie?
3 replies →
What about services providing public API functions like:
getWarrantCurrentStatus(custID) // "No"/"No Comment"/"Yes"
getWarrantLastChangeDateTime(custID)
getWarrantPreviousStatus(custID)
getWarrantHistoricalStatus(custID, DateTime)
getWarrantResponseCurrentCount(custID, responseType) // accepts only "No Comment" or "Yes"
getWarrantResponseHistoricalCount(custID, DateTime, responseType)
// for all the above functions, a custID of 'MagicNumber' is the special customer ID of 'Anyone'.
> is there any reason to believe that it wouldn't work?
Yes. The law generally isn't a binary automaton that can be "tricked" by a bit of clever catch-22 logic.
Your canary is a one-bit communications channel. Removing it or ceasing to update it constitutes flipping the bit. That, obviously, is communication.
not if it decays by default (TOTP). I don't think ISP-s can be mandated to periodically refresh the hash.
2 replies →
Sadly, this probably would not hold up in court, if the government ever tried to challenge it (why would they, though? The last thing they want is a ruling against them; better to just threaten ISPs with more regulation). On the other hand, a company might get away with a plausibly inadvertent side channel e.g. something like this:
http://torrentfreak.com/kim-dotcoms-gaming-lag-hints-spying-...
"Your honor, we went above and beyond the law, creating a special system for handling lawful surveillance requests by the FBI and NSA. Unfortunately, the expanding volume of surveillance requests has overwhelmed this system, resulting in unintentional increases in latency experienced by surveillance targets. Our technical support staff is developing a solution..."
Anti Money Laundering legislation normally lists an offence known as 'tipping off'. If during a transaction a bank or regulated financial agent becomes suspicious of a client or a transaction then they are not only obligated to report it to the authorities but they are explicitly prevented from communicating their suspicions in any way to the client.
If the client is asking why the transaction or payment is delayed while the authorities investigate then the regulated company cannot mention the real reason and have to try and make up a lie or explain that some other entity is responsible for the delay and they don't know the real reason.
This is true in the UK at least and I assume you can see how it relates to the Warrant Canary concept. I will add that the tipping off offence is backed up with the threat of jail time for staff and directors in a company.
What a difference submission time makes.
https://news.ycombinator.com/item?id=5419177
The relevance of the article has changed, hence the upvotes. The point of the system is to deliver articles, that at any given time, are most relevant to the audience reading them (which is why I would imagine I have not seen many articles about Fortran frameworks or the Princess Diana death on the front page as of late). It's also the reason that articles have a karma decay formula based on time.
His point exactly
There's also some randomness and stochasticity to the process, and you just have to accept it.
Unfortunately, the disclosure of information via negation will almost certainly not hold up in a court of law.
Fortunately, NSL gag orders themselves have not held up in a court of law either.
http://www.wired.com/threatlevel/2013/03/nsl-found-unconstit...
Twice: http://www.wired.com/threatlevel/2010/08/nsl-gag-order-lifte...
Instinctly, I would agree with you. As a counter-argument though, the gun industry has been able to pull off many legal hacks with similar spirit. See "bullet buttons", 80% lower receivers, or bump-firing attachments. These all got around the spirit of laws and are routinely done now. I don't see why the computer industry can't have their set of legal hacks.
The difference is that this doesn't get around the "spirit of the law", but directly acts in breach of it. They are essentially creating a heart beat, and using a break in that heart beat to signal that a certain event has taken place.
As best as I can tell, that is disclosing information.
12 replies →
Perhaps they could be sued either way. If a company states on their website that "We do not do X", and then starts doing X they are left with two choices, leaving a false message up or taking it down.
If they leave it up, and the truth eventually comes out, could they be sued for misleading their shareholders?
If they take it down does that open them up to being sued by the government?
You are correct that a company could be sued for other things, such as lying. My point is that a warrant canary _does_ disclose information; specifically through implication. I am sure that in a court of law, given that an implication made by a warrant canary is reasonably obvious, it could be argued that the party in question was indeed attempting to disclose information prohibited by the gag order, and as such, is in breach of the gag order.
4 replies →
National Security Letters grant the recipient immunity from civil lawsuits if you comply in good faith. They think of everything!
7 replies →
Say I'm a hosting company. I doubt that the authorities can compel me to lie to my customers in the form of not terminating the canary. Moreover, I think I have every right to choose to terminate any running process on my machine. The implications of the "canary understanding" between me and my customer should have no bearing on those fundamental facts.
They judge won't have to compel you to lie. He'll simply instruct you not to communicate with your customers in any way about the warrant. If you cancel the canary and your customers find out about the warrant, the judge won't care how you dressed it up.. he told you not to communicate a fact, and you did.
You can't game your way around that.. the court will care about outcome, not method.
5 replies →
This is the common sense position, but nothing about it being common sense prevents them from telling you to do otherwise. These are people that justify their system with the system that remains otherwise unjustified.
12 replies →
maybe, maybe not point is, it is a very effective idea for civil disobedience
It's effectiveness is not proven one way or another, as it has not been implemented by many people, or tested in a court of law. At best, it's a novel hack.
1 reply →
Too bad the law is interpreted by people and not computers. These kinds of hijinks are frowned upon in courts. "Here look, I'll illuminate the pixels that aren't part of the message and leave the other pixels dark!"
This is a very important distinction to remember when you hear people trying to find little technicalities around the law. This solution may subvert the letter of the law but it does not give you immunity from the spirit of the law (which is considered in courts).
Also, if you are going to try to make a play against the letter of the law you need to be excellent at maneuvering the details, which this solution is not. The definition of "disclose the existence of" is not confined to explicit verbal or written behavior and this could by every definition be disclosing the existence of something.
Something that would have a better chance of holding in court would be to encrypt the NSA Requests for information in a file, host them publicly but "lose" the keys. It would be hard to prove that it was more than negligence.
Wouldn't publicly hosting the files (even encrypted) be considered "disclosing"?
Then there's the "loss" of the keys - another act that is highly suspicious depending on how well it's orchestrated.
Finally, any documentation or meetings where you are outlining these moves would be highly interesting in such a case.
Even better: make it so the image of the message appears on the customer's eyeballs' retinas upside-down!
So I'm going to send you a continuous stream of 1's saying currently my blueray play is not outputting a 1 from the movie 'The Godfather'
Wink wink.
http://ansuz.sooke.bc.ca/entry/23
The whole 4'33" thing kind of broke down for me; I thought the point for Cage was to capture the ambient sound of the area where the performance was taking place? He wasn't making a statement about different types of absolute silence, he was commenting on the different types of imperfect silence in an analog environment.
4 replies →
He wrote that whole essay without using the r-word once, it is of course pretty obvious that digital files are made of bits, but it's reductionism to see them as only bits.
That's not unique to binary at all, humans are only fleshy machines made of cells, cells are only collections of atoms and atoms are only energy. Of course the universe doesn't care about any of those distinctions, those distinctions are "just" colorings imposed by our worldview.
but your honour, by definition my stream is not(the godfather).
I would imagine the kind of court that would test this concept would not be held under the eye of the public.
I like the "citation needed" there. Quite ironic in the context of orwelian policies.
Or we can use the same logic that the Clapper and Alexander use. Instead of the canary, just publish a database containing a list of the NSLs. Distribute a client that syncs the database, and disallows logins if your user is affected. Politely ask that your users not attempt to view the information in the database that has been sent to them periodically.
Since no human actually read the contents, they didn't "collect" your communication, so you haven't broken the law.
Remember, they themselves set the legal standard so that you can have all of the data you want, but it doesn't count as you officially having it until you actually look at it!
What if a company told all its customers this:
"We only have the capability to record your activity on server X. Currently you are using server Y. Click here to be re-assigned servers."
In other words, if such a company got an warrant regarding a user, they would always handle that user on server X. Therefore, that user would be able to tell they were being monitored (to some % certainty) by refreshing their server assignment several times. If they were always assigned to server X, they could conclude that the company was probably trying to record their activity. A user couldn't be 100% certain because it would be possible that they were randomly assigned to X every time.
If the software is automatically set to report that the provider has not received a warrant, then when it receives an order, it must undertake an action to tell the software not to post that it hasn't received an order. A judge would likely rule that this action is a violation of any confidentiality provisions, since the intent of the system is clearly laid out in advance. It's no different than working out a specific hand signal in advance to notify someone of trouble - flashing that signal is a violation.
just going wild here, but what if say, i create a license agreement with a third-party such that anytime data is retrieved from my backend system, it trips a wire, and this third party will receive the notification that this wire is tripped.
When the NSL comes, this system will disclose information, violating the NSL. So you are compelled by law to remove the trip wire. The third party periodically requests data from me, and notices the wire didn't trip.
What law was broken by the above scenario?
Well, that actually may fly (arguably). The difference between that and the "warrant canary" is that you are not specifically taking an action in response to the NSL that is designed to notify another person in violation of the order/letter. What you are talking about is more of an intrusion detection system.
Simple solution: A startup firm that warrant canaries FOR you. Every week your company receives a phone call. The pre-arranged contact is asked "Were any federal subpeonas issued for you to disclose customer data in a blanket fashion?"
The normal reply would (hopefully) no. Otherwise it might be "no comment."
I believe this would absolve the contact in question from perjuring themselves under the fifth amendment and would be no different than those "our website is hackproof" badges that get sold.
If someone wants to run with the idea, I'm game.
This is essentially the same system, but with a middle man. It may obfuscate some of the players involved, but it doesn't solve the issue that you are still disclosing information due to the pre-agreed context of the conversation.
I wonder about the situation where you didn't pre-arrange it. You just start cold-calling companies and asking them on a regular basis. Assuming you found a company that started out giving you a straight answer, then later moved to "no comment" due to receiving such a thing, which one of you would be liable?
ha, beat me to it, was just writing this!
my own take is each person asks individually (through a service) and the company is then forced to respond via an automated method (or set up an api) to deal with the deluge of requests (sound familiar?)
rsync.net has done this for quite some time, although I have no idea if it's ever been challenged:
http://www.rsync.net/resources/notices/canary.txt
As is pointed out in the wikipedia article, Warrant Canaries have not been tested in a court of law.
It is logically possible that they have been tested, and struck down, in a secret court.
1 reply →
I feel for something like this to have a chance of holding up in court, the company would have to be less up front about the purpose of it. rsync tells the user that if they miss a day, or it stops getting updated, then something is wrong. I think without statements like that, and calling it canary.txt, they would stand a better chance of holding this up in court.
That's just my opinion though.
A number of people have pointed out that this method probably wouldn't hold up in courts because you are, in effect, communicating the existence of a NSL by ceasing to update the canary. And when courts consider the legal rights of a government body charged with fighting terrorism against the ill defined rights of a server owner to control the content of their server, the rights of the former are likely to trump those of the latter.
But since the purpose of this method is to effect civil disobedience, maybe the same end could be realized via different means. Hypothetically speaking, if a service provider kept a database of all NSLs received, but failed to strongly secure the database, leading to its access by an outside third party, this shouldn't constitute "communication". The database could perhaps be made accessible via a URL ("to enable remote workers to view and process NSLs" or some plausible justification) but protected by a weak password. An employee of that service provider could then secretly leak the password to a third party. Bad network security is not a crime, and unless the third party revealed that the password had been leaked, there would be no way to prove that it wasn't guessed or brute forced.
See also: http://en.wikipedia.org/wiki/Fail_deadly
Fail deadly mechanisms go off unless they are explicitly told not to. During the cold war, Russia implemented fail deadly policies in an attempt to assure a retaliatory nuclear strike would go off even if most in power were taken out by a first strike.
I always thought that the doomsday machine in "Dr. Strangelove" was an invention of Kubrick's. I had no idea that this was a real thing.
https://en.wikipedia.org/wiki/Mertvaya_Ruka
Wasn't there a recent story where Gmail asks the user to renew their agreement to the Gmail ToS as a hint to their email being accessed?
Has any hacky workaround like this ever held up in a court?
> Have any technicalities every held up in court?
(fixed that for you)
of course they have. For example, having corporate "document retention" policies that are actually destruction policies is usual to avoid risks associated with legal discovery.
And actus reus is a fairly critical technical element of the law. If a company has a policy of issuing (true) warrant canaries, the non-act of not issuing a (false) canary would be a significant technical hurdle to prosecution. And the 1st amendment would be a significant hurdle to coercing a person to issue (false) canaries.
Part of the risk that "document retention" policies mitigate is the risk of a staggeringly expensive legal discovery phase--not just the removal of potentially damaging correspondence per se. Imagine that your company kept 100,000 volumes of dense text on file, and frequently had to pay a legal team to pore over those volumes and think about which parts might be germane to routine legal disputes. Good for the lawyers' billing, but ruinous for the business.
No, but judges often take a dim view of legal "hacks"
Presumably the authorities in question avoid issuing gagged orders to anyone who would use such a thing: They're likely to fight the gag, or likely to leak— better to use another approach.
I can easily imagine an authority issuing a warrant to rsync.net without knowing that there is a canary in place. It seems less likely for an NSL with an attached gag order, but still possible.
I was wondering about something similar yesterday; the feasibility of a provider truthfully indicating receipt whilst staying within the confines of the law.
For a 'regular' warrant, a provider can "confirm" or "deny" being served. Presumably they can "deny" being served a secret warrant if one hasn't been served, because the terms of a secret warrant presumably only require them to decline acknowledgement if they've been served, in which case they could "neither confirm nor deny", couldn't they?
You can't reveal that you've been served. What you actually tell people is your problem, not the courts.
its not as simple as that imho.
What if you had a security vulnerability on a server which contains a record of NSL's/subpoenas (for administration purposes), which is conveniently exposed on the internet. A customer could "hack" your server, and obtain the information, thus it isn't the ISP's fault - in fact, the isp claims no knowledge of this vulnerability at all.
This concept strikes me as really weak. It acts under the pretense that a gag order is valid. The whole concept of a gag order needs to be confronted, not skittered away from.
Within the construct of the US government, these type of gag orders are legally valid at this point in time. Whether they should be is another matter all together, but given precedent, the assumption that they are valid is rational.
Weren't they ruled unconstitutional? http://www.networkworld.com/community/blog/fbis-national-sec...
1 reply →
Instead of a news headline, they could use an entry in the Bitcoin ledger to prove that the canary is current (http://erratasec.blogspot.com/2013/05/bitcoin-is-public-ledg...)
EDIT: Actually, they could simply include the hash of a recent block in the blockchain.
This could have been invented by Raymond Smullyan
http://en.wikipedia.org/wiki/Raymond_Smullyan#Logic_problems
Asking whether this will hold up in court is asking the wrong question. National Security Letters themselves are highly unlikely to hold up in court.
The whole premise rests on people being intimidated into not fighting it.
This is fucking hilarious.
There is a lot of confusion around this topic so let's get something out of the way: none of the companies mentioned in the leak were served ANY search warrants.
The participating companies were active participants in the spying scheme using the Patriot Act and FISA requests, not search warrants.