I was hoping that it would be irrelevant after all of these years...
Bruce Schneier wrote in a blog post that "[p]ersonally,
I have never believed [warrant canaries] would work. It
relies on the fact that a prohibition against speaking
doesn't prevent someone from not speaking. But courts
generally aren't impressed by this sort of thing
What matters, ultimately, is not just the thing itself but the context in which it is used and presented. If I announce that "picture present" means "no" and "picture removed" means "yes", the presence or removal of the picture still acts as a communication system and its use is likely considered a form of communication by the law.
However what makes canaries special is that mere removal or absence is ambiguous in that it can be unintentional. The question then is whether this is more akin to changing your response from "No" to "No comment" and whether this change itself when you have previously announced you will always answer "No" as long as it is truthful already indicates "Yes" (thus violating the gag order).
It's really icky to punish someone for doing something that wasn't a crime at the time and place it was done. If you create a law that prohibits visiting a park at night, you shouldn't retroactively punish half the population for having visited a park at night. This stuff is UN human rights stuff, and often the norm in sensible justice systems.
Drawing on this, it's not currently illegal to publish a warrant canary. If it's not illegal, you can't be punished for it now. If you can't be punished for it now, in a sensible justice system, you can't be punished for it down the road either, as long as you stop doing it before it becomes illegal.
What they could argue is that by ceasing to publish the canary, you're committing the crime of communicating something you're not allowed to communicate. That, however, skirts dangerously close to forcing someone to lie.
This was my point, but the issue seems to me not about them forcing you to lie but rather about you setting up a system that you know will either force you to lie, or to break a court order by communicating something you were ordered not to. The only point of a warrant canary is to try to bypass the intention of a potential future court order.
Which is not illegal, and therefore cannot be punished. I wouldn't be surprised if they make warrant canaries illegal (they are already in Australia?) for this reason, and it sorta kinda makes sense, but it also sucks.
Edit: though I guess you could argue that "preparing to break a court order" is some sort of crime, but
1. It's in this case equivalent to making warrant canaries illegal, and
2. Laws that are punished only occasionally are the scariest thing.
That said, meta-censorship is pretty icky regardless.
Which opens a whole other can of worms. Telling a lie is not illegal. However the impact of that lie might result in loss to a third party - and that would need to be reconciled.
The data for the following users (as of December 31 2015) has not been subpoenaed:
Law enforcement doesn't have to tell the truth all the time, and deception is constantly used through out the legal system.
Still, all theoretical and purely speculation, because as far as I know this has never been tested in court.
I do agree with the quotation though. I have a hard time believing government wouldn't somehow figure out a secret way to violate your first amendment such that you have no legal recourse.
Actually, they do tend to mind, and they will scrutinize you much more intensely if you engage in insider not-trading... it's just there's not much they can do about the non-sale in and of itself.
Excerpt: "If you get an NSL, you're gagged. You can't talk about it. I can say that during my time we did not receive any National Security Letters. /r/ekjp was able to say in her Transparency Report for 2014 that they never got any. Apparently in this 2015 report they are not saying that."
Does that inform anyone's choice of cloud infrastructure?
"I've been advised not to say anything one way or the other." 
when asked whether he withdrew the canary voluntarily. The comment directly beneath sums it up:
"In case anyone is still confused or in disbelief, this is where he confirmed it. He really can't say it any more clearly without teasing the law to go after him."
There's two situations here: Either the gov't doesn't care that you say you got an NSL (without specifics on time/subject), or they do care.
If they do care, discussion with judge:
- Did you say you got an NSL, despite there being a gag order?
- Well I didn't not say anything
- You had previously had a communication strategy set up to communicate when you would get an NSL
- So you did say it.
Case where the gov't doesn't care that you mention you got one (given you hide the time/subject through delays):
- Why did you do all the crazy stuff to tell people instead of just telling people?
- It was funner this way
Is the canary really a legal defence? I can only imagine that no, it isn't. At best it lets you imply that you got an NSL even if you didn't (oops we removed it from the template). At worst you're facing the same legal issues as before
Better yet, make each canary in the form of an original haiku.
has not to date received
an NS letter
This, our company
As of the time this appears
Has not been silenced
Our routine remains
A haiku for you from us
On the month's first day
At the same time, companies should not be forced to try and circumvent the law with cute tricks. Preventing companies from informing their users/customers that their privacy has been breached by a 3-letter-agency should be illegal.
We shouldn't be arguing about the legality of canaries, we should be arguing about the legality of gag orders. Arguing pro canaries is fighting a losing battle; it's fighting the symptoms instead of the cause.
In the example of insider trading, it was NEVER legal for you to give inside information. So stopping your Haiku is legal, but the discussion when you agreed "sell your stock when my Haiku ends" was not.
In fact, when I first heard of warrant canaries, that's how I expected that they would work.
"No NSL Letter has been given for data to users with the 1st letter being P"
"No NSL Letter has been given for data to users with the 2nd letter G"
etc etc. Publishing 200 haikus a month like this would surely go against the gag order (since you could reveal the username like this).
I think at one point common sense comes int play
There's two situations here: Either the gov't doesn't care
that you say you got an NSL (without specifics on
time/subject), or they do care.
If 100% of canaries were removed a month later, canaries would be pretty information-free, because the removal of a canary would just mean a canary was added a month earlier.
And it would be a simple matter to send a spy to use coffee shop wifi to post some bomb making instructions or something similar. Hypothetically.
One reason canaries are likely to be legal is that the government can work around them.
The government has no responsibility to assist you in self-perpetuating logic puzzles.
That being as it is, the distinction is between compelling someone to nondisclosure and compelling someone to active deception. I imagine that's a tough battle in court, particularly if it's part of a service agreement between a company and its customers. Compelling continued publication of the canary would extend well beyond 'gagging' the company and would force it to commit what is essentially contract fraud.
And by the point where the gag order comes into force, it's too late; you can't comply with it in a way where you aren't compelled to lie, a power that the gag order does not possess. That's the point of the canary; you have preemptively removed from yourself the ability to fully comply. Which is entirely legal.
Gag orders aren't retrocausal. Either it's fundamentally illegal to say that you haven't received a gag order, or gag orders can force you to lie, or canaries work. One of those three options must hold.
Of course, agreeing ahead of time to participate in this network could be interpreted as "communicating" (see other discussions here).
I mean, yes, in a general sense, it's notable, but it doesn't tell me how often it has happened or who the target is, so there's no personal value nor any substantial value from a civil liberties perspective because it doesn't tell us all that much.
They never will be able to tell down to the person level. Those would definitely violate the gag order, which if you're willing to violate why go through the mess of a canary. Similarly the government is very particular about reporting just how often they're received. Testing that is a huge gamble on the lawsuit that would be filed when you get too precise for the government's tastes.
There is a legal difference: compelled speech is especially and obviously unconstitutional in the US, in contrast to a restriction on what you can say.
You do still, as you point out, need to be willing to put the law to the test. Presumably Reddit has received legal advice that it's okay to take that risk in this case.
It's an incredibly complex issue that your screenplay doesn't quite capture.
Makes it a bit easier to see what's going on.
"Hey George, did you hear Reddit has a canary now too. Ok, add it to the list. Pick a user there and issue an NSL. And don't forget about Google and FB this month as well, they are about to reset theirs".
Putting oneself in the shoes of such an actor this is a rational approach to take.
Can be done by re-interpreting what is happening -- "we are not issuing bogus NSLs to troll them, we are fighting terrorism and these sites deliberately shelter and protect terrorists and other criminals. We want to periodically issue NSLs to establish protocols and methods so we can more effectively protect our country and do our work".
So it has to be story which will look good on paper and workers will tell themselves without feeling like they are doing something illegal.
Another way is to do it as a side-effect of something else -- say "we decided to double our efforts to track down drug dealers on these sites, therefore we'll put 2x more people on it and they will conduct research and open new cases and so on". So simply by allocating more resources to the "problem" they'll ensure any of these large sites will simply get a constant stream of NSLs without explictly writing that down as "we are busting the canaries" as a goal anywhere.
Once is all it takes, from that point forward you can't fully trust anything they say about their privacy / security.
The only real questions are: is this an april fools? And does it matter?
edit: There appears to be a bug in the reddit context code, here's the original root comment that sparked the discussion: https://www.reddit.com/r/announcements/comments/4cqyia/for_y...
... What? A canary? Oh, right ...
No; it's just pining for the volcanoes.
Surely that's a very, very bad thing.
I really was capable of seeing nuance, once.
Any other warrant canaries trip before?
Let's say you frequent lots of subreddits that might be considered outside societal norms. Right now that data is ONLY available internally at Reddit.
If the NSA hoovered up this data, suddenly they might learn a lot about you that they didn't know before (although there's probably a fair argument that people probably leave enough other clues scattered across other data sources they likely have access to that make this redundant).
Maybe you aren't looking at things that would set off their alerts for today's hot media topics. But what about the future? What if we end up with a President with a radical discriminatory agenda (a scarily likely possibility at this point unfortunately)? What if suddenly things that may have been frowned upon before by the general public are suddenly made illegal by Executive order or some other horrible twisting of our laws? This provides the government with a great way to narrow down the list and identify targets that have become "inconvenient" for them.
Think it can't happen or that this is an off-the-wall conspiracy theory? Germany and Russia would like to have a chat with you.
Sure, the mainstream users probably won't have any noticeable impact on their lives. For now at least. But this can still have a chilling effect on free speech today, without the nightmare scenario I outlined above occurring.
Case in point from a couple days ago:
It's not much but it's something.
Which, in my mind, is preferable to the alternative.
But if you are still a carrot fetishist in the future, they can use the knowledge that you used to be a carrot fetishist to set up a sting operation. A little parallel reconstruction, they seize your phone and laptop, and next thing you know you're in prison in the future, thanks to the data they hoovered up today and will be in their database forever.
So would J Edgar Hoover.
I probably should have been more explicit about two of my big problems/uncertainties with warrant canaries in my initial comment. The biggest issue is that they only really seem to matter in circumstances where I assumed the service provided was a secure and private communication platform. My personal threat model does not treat the reddit platform as a secure and private communication platform and Reddit Inc. is just slightly less of an adversary than Eve's Agency. (sidenote: You are Threat Model Shostack correct?)
My other issue is that the canaries seem to be backward looking and do not do much for my future outlook. It seems that the knowledge that an NSL was served just tells me about the past, but very little about the future. Should I assume that since an NSL was served once that I should expect that they will continue to be served repeatedly and regularly going forward? I am having trouble expressing the latter adequately and clearly, hopefully it is teased out below.
For the sake of argument I am assuming/ignoring that Eve does not do global surveillance and cannot easily associate requests from my IP to reddit with submissions/comment timestamps, vote changes, etc.
> If the NSA hoovered up this data, suddenly they might learn a lot
> about you that they didn't know before
In C1, I continue to visit /r/BDSM, /r/guns, /r/earthliberationfront, etc and the record of my sensitive activities on reddit is even larger if they are served an NSL in the future.
> suddenly things that may have been frowned upon before by
> the general public are suddenly made illegal by Executive order
> or some other horrible twisting of our laws? This provides the
> government with a great way to narrow down the list and identify
> targets that have become "inconvenient" for them.
> Think it can't happen or that this is an off-the-wall conspiracy
> theory? Germany and Russia would like to have a chat with you.
> Case in point from a couple days ago:
You're right that an early-warning system hasn't been developed. We have no way of knowing what the NSA will decide to analyse after the fact. Indeed, we do not know if an asteroid will hit the earth tomorrow. At one level, there is a limit to our ability to predict the future.
So it's up to the individual. We self-censor, or don't. The chilling effect of the knowledge of surveillance is well documented. Are you making a point that thinking you're being spied upon is more damaging than any fallout of the actual spying?
Or anybody monitoring their traffic. coughNSAcough
"Identifying Website Users by TLS Traffic Analysis: New Attacks and Effective Countermeasures"
Does anyone know of other, recent research in this area? It's been a long time since I last looked at opaque data captures of TLS/SSL traffic.
I also found: https://tools.ietf.org/html/draft-ietf-tls-chacha20-poly1305... which states in part:
"It should be noted that AEADs, such as ChaCha20-Poly1305, are not intended to hide the lengths of plaintexts. When this document speaks of side-channel attacks, it is not considering traffic analysis, but rather timing and cache side-channels. Traffic analysis, while a valid concern, is outside the scope of the AEAD and is being addressed elsewhere in future versions of TLS."
On a skim of https://tools.ietf.org/html/draft-ietf-tls-tls13-11 I couldn't find anything new wrt. recommendations on padding with the goal of thwarting traffic analysis?
Anyone have any pointers on this?
I would be shocked if NSA didn't get a secret court order to get AWS access.
1) While it isn't a perfect mapping, this is similar to a "I have nothing to hide" argument. The value of anything security or intelligence will vary with the situation. The same counter-arguments apply; you probably don't want to get to the point where you cannot learn about a NSL.
2) In general, information that allows you to make informed, up-to-date decisions is valuable. The sudden disappearance of a warrant canary gives you data about the current state of the world. The canary gives you information about the actions of the growing surveillance state. This information might be used to make preparations or as a political tool. You can decide for yourself if you would take different actions with this information, but even if it doesn't change anything for you, at least you had the opportunity to make that choice.
3) Warrant canaries also serve as an indicator of the politics of the canary publisher. Someone who publishes a canary is sending a message that they care about keeping everyone informed.
I think you missed the point. The real question is, "So a canary died on a service I use, now what?" Well I have that question too. The damage is done. Should I toss my phone in the nearest trash can, burn off my fingerprints, cut and bleach my hair in the at the nearest connivence store bathroom, and shed a single tear as I will never return home to my family again as I am now hitchhiking to Mexico or what? Because, honestly, I don't know what to do besides that. If you're the target of an NSL, then you need to worry.
> 3) Warrant canaries also serve as an indicator of the politics of the canary publisher. Someone who publishes a canary is sending a message that they care about keeping everyone informed.
Yeah, but the set of those that don't publish canaries doesn't indicate the opposite. Organization X might not publish a canary, because the canary is already dead.
I might choose not to use the service a) for a lot of things, but I certainly wouldn't want to use service b) for anything.
Now, if I was the NSA/CIA I'd of course try to fund social media and messaging startups through shell corporations, and I'd be surprised if they don't do that. In that respect we go down the "you can't defend against a nation state actor" line of reasoning. But if warrant canaries became enough of a problem, something that could lead to a real exodus of users for something like Reddit -- that might give these corporations enough incentive and reason to challenge the practice in the legal system (The government is forcing us out of business).
Another aspect of the canary, is that while people might not now stop using reddit (or logging in to a reddit persona that's associated with animal cruelty, native American rights activism or other terrorist activities) - it still serves as interesting indicator on continued government overreach, and encroachment on civil liberties and free speech.
As evidence that more and more "town squares" and cafes are fitted with microphones and cameras "for security reasons" surface, the fight against illegal surveillance (can) gain(s) momentum.
So maybe what you should do is not just step away from reddit, but take to the streets.
I'd be really interested in hearing more about this.
I'm pretty sure I didn't.
> "So a canary died on a service I use, now what?"
Yes, that's what I was addressing.
> Should I [stereotypically run like a fugitive]
Probably not, but I don't much about your specific situation.
> I don't know what to do
THAT was my point; you don't know know, because you cannot predict the future. The social or political situation might change in a way that makes NSL searches much more threatening. You might be in a situation where knowing that your activities have been discovered by an a NSL does suggest some type of action.
It's easy to consider the set of possible futures that you can enumerate. That set is rarely complete.
> If you're the target of an NSL, then you need to worry.
And that's the "nothing to hide" argument.
> Yeah, but the set of those that don't publish canaries doesn't indicate the opposite.
Obviously. The canary is still useful information.
Instead, we live in a world where we know that many of them either are not being forced to secretly cooperate; or in one where canaries don't work, and they're being forced to lie about it.
And of course, there are ways of implementing internal surveillance without the cooperation of providers: by trespassing on their infrastructure, by analysing and recording traffic at their border, etc.
1. we were not asked to provide private post
2. we were not asked to provide metadata like IP addresses
3. we were not asked to backdoor our website
4. we were not asked to shadowban users
5. maybe even one canary per user, to know exactly who is affected
That said, while your behavior regarding reddit might not change, it could inform your political behavior. Since organizations can't say they've received NSLs, it's really hard to survey and see how common it is. I'm glad reddit's case here is gaining interest, and hopefully other companies will take part in this program and also get attention when it happens. It would be good to know just how prevalent this practice is.
‘John Doe’ Who Fought FBI Spying Freed From Gag Order After 6 Years
I mean honestly what's so difficult about "Congress shall make no law"? We're not talking about someone yelling "fire" in a theater. NSLs are facts, the searches they authorize are facts, and the gag is also a fact. And it's also not like this even remotely resembles treason or sedition.
I mean honestly what's so difficult about "Congress
shall make no law"?
Disagree with the restriction on free speech on its actual merits, not by saying "there's very few restrictions on free speech" when in fact this is not the case.
The idea that a National Security Letter can serve as a secret warrant against a 21st century Charles Schenck like Edward Snowden is interesting.
Neither falsely claimed there's a fire; they are/were men speaking out against war and unconstitutional acts. Anti-war speech should be especially protected.
Publishing a NSL is a defensive act against an immoral and oppressive government. The idea that they are using the NSLs to suppress freedom of speech and fight advocates of freedom of speech should only embolden the opposition.
Then the corporate lawyer talks to the CTO, and tells them that for legal reasons they must shut down their livestreaming stuff.
This isn't exactly the kind of thing US law treats as a minor offence, especially if it involves computers. Get the right prosecutor involved and this is a national security concern, an act of treason and a cybercrime all at once.
Treason is _minimum_ 5 years, capital punishment at worst.
You can be a hero without being an idiot.
The 2015 report:
You mean private keys. Reddit uses forward secure TLS, so obtaining the private keys does not allow the NSA to decrypt the traffic, as fresh keys are negotiated on each connection. The long term private key is used only for identification, so they allow you to impersonate the server but as far as I'm aware, nobody has yet seen evidence of a large, popular website having all of its traffic hijacked by state actors with stolen SSL keys. I can only imagine that such an attack would be quite visible (unless the taps were done internally inside a big CDN).
Also, the SSL keys are not stolen, we have to assume that they have been given to them based on the letter. The gag order and canary indicated that everything has been compromised.
If it's not a direct real-time feed then, no, doesn't really change much.
Red Hat and Systemd anyone?
I wonder how big of an issue this NSL will become for Reddit, or whether it will be forgotten about in a week.
I also wonder what it means for me as a Redditor. "If you have nothing to hide" arguments aside, does this mean it is safe to assume that the NSA got full access to all of Reddit's data and hoovered it all up? Or are these NSLs only able to target individuals? Not sure you can really make that distinction from a data mining standpoint I guess.
Do feel free to write your representatives and complain, but don't try and sweep this all away under "right to freedom of speech and expression". National security is far more nuanced.
Do something. You're sitting here bitching us out for how the US government works like it's our fault and we should have done something different. Well what are you doing? Because if the answer is "nothing", then maybe you should sit down and reevaluate your tone.
In Germany, they have "Free speech," except when it comes to anything relating to the Nazis (unless it's in a history book talking about how horrible they were).
In China, their constitution guarantees free speech.
Laws are like debt, they are only useful to the point they can be enforced through violence.
Company policy states each month a polygraph must be taken by "Government request officer" covering "certain" topics, and the results are posted online.
This month the "Government request division" officer failed his poly.
The wording of poly test could be done to never even speak of nsl etc or even what poly was designed to do, and no company document/policy or spoken word ever says anything about the nsl etc.
The government can't force you to keep operating a business. If they want to abuse NSL's, so be it. I want the John McCains in our government to realize what they're doing.
It's also incredibly depressing.
Australia just outlawed warrant canaries. Scary times.
Assuming you accept the need for the non-disclosure requirements in some court orders and administrative subpoenas, wouldn't the decision to allow canaries be a legal mistake in the first place? (Albeit AFAIK one also made by the US Department of Justice)
The argument for the legality of canaries would have to rely on the distinction between the affirmative and negative disclosure. But it is very easy to imagine a service that scrapes sites with canaries and publishes an affirmative list of those which took theirs down recently (or in a given time interval). This completely subverts the argument.
Is it perhaps yet another case where the legal minds failed to account for the current (actually... two decades old) state of technology? Am I missing something?
Reddit released its transparency report for 2015 and the warrant canary language was missing.
Maybe that's an edit after your post. I agree that a silhouette of an expired canary lying on its back, wings spread awkwardly, tongue sticking out, eyes crossed, would make this communication more effective.
And I don't think canaries are really a feature of current technology; seems like one could have simply posted a weekly newspaper ad with the same content.
Edit: And then you don't publish the canary as scheduled. Before you got the warrant, NSL or whatever, you were subject to no court order. So you were free to speak. After getting it, can you be compelled to speak falsely?
Why not? Given that secret warrants arguably already circumvent your right to face your accuser, this seems like a very small stretch.
As I understand it, this is related to the argument that Apple was using vs the FBI recently, that while the FBI could compel Apple to produce things in its possession (like Farook's iCloud backups) it could not compel Apple to do things like produce a custom version of iOS.
IANAL, but, this is mostly based on what I remember reading last year when the whole warrant canary idea first started getting publicized.
You could distinguish between temporarily keeping particular orders a secret, permanently keeping them a secret, and permanently keeping secret even summary information about the number, kind, and scope of the orders (or what kind of matters they related to).
As a result, I always assumed that anyone that had a warrant canary in place would get a court order to keep it up regardless.
I would be shocked if they stood up in court, and I don't find the outlawing of it any more disturbing than allowing secret warrants in the first place. (Although secret warrants are pretty damn disturbing.)
If the issue was being forced to continue with the canary then there is a solution for that just use as a canary, before you received any order: We have received a gag order!
And when you do receive a gag order what are they going to do? Make you remove that? Keeping it seems as a direct violation of that order.
But can they force you to put up a new one?
Just to be safe: Any NSL is crap. Braindead. I'm not trying to support that BS. This is among the worst possible ideas a government can come up with and belongs in the realm of (referring to recent posts) Turkey at the moment.
But IF they exist for some reason, is a canary really working? Isn't this just another 'The government cannot crack my password' argument, missing the lead pipe way..?
What EFF wrote says more to me than Moxie saying 'every lawyer I've spoken to'. Which lawyers? In what context? What was said?
Sounds like we need a lawyer canary.
Outlawing warrant canaries per se is not scary at all. They're a method of communicating information that has been deemed to be forbidden, so it's just a way of preventing the rules-lawyering method of still conveying that info. The overreach of such things in the first place is the scary part, not the stuff around canaries themselves.
The focus should be on getting rid of the overreach of these things, not on preserving a loophole.
Do you want to restrict everyone's speech just in case, or force them to lie? Those are the choices.
It only forces them to lie if they deliberately take means to force themselves into a lie. "I have not received any warrants that I'm legally allowed to discuss with you."
The government shouldn't have the ability to compel people to lie, that's the issue. As far as I know they don't have that ability, and there is nothing illegal about this.
Having once given a legal, true answer to the question "have you received a national security letter", a person can later give a different legal, true answer to the same question, or can later choose to respond with silence.
Otherwise, you are asserting that the feds may do more than merely forbid the recipient of an NSL from talking about it, and actually have the authority to force the recipient of an NSL to lie about it.
I sure hope that isn't true. If it is, I'm not sure any of this matters, because we're all fucked already. I cannot conceive of any legitimate justification for allowing any government to have such a power.
"We can't talk about Pi."
Australia outlawed warrant canaries for journalism warrants (warrants for journalists when they investigate someone). I'm fairly sure that law doesn't apply to all other kinds of warrants.
I'd love to see efficacy proven, just once.
Do you have any links describing NSLs being part of a noisy, dragnet operation?