Comment by ChikkaChiChi
12 years ago
Simple solution: A startup firm that warrant canaries FOR you. Every week your company receives a phone call. The pre-arranged contact is asked "Were any federal subpeonas issued for you to disclose customer data in a blanket fashion?"
The normal reply would (hopefully) no. Otherwise it might be "no comment."
I believe this would absolve the contact in question from perjuring themselves under the fifth amendment and would be no different than those "our website is hackproof" badges that get sold.
If someone wants to run with the idea, I'm game.
This is essentially the same system, but with a middle man. It may obfuscate some of the players involved, but it doesn't solve the issue that you are still disclosing information due to the pre-agreed context of the conversation.
I wonder about the situation where you didn't pre-arrange it. You just start cold-calling companies and asking them on a regular basis. Assuming you found a company that started out giving you a straight answer, then later moved to "no comment" due to receiving such a thing, which one of you would be liable?
ha, beat me to it, was just writing this!
my own take is each person asks individually (through a service) and the company is then forced to respond via an automated method (or set up an api) to deal with the deluge of requests (sound familiar?)