Using Canaries to Protect Privacy

Should we use ‘warrant canaries’ to tell customers they are being spied upon, even when legally prohibited from doing so? That question gets an affirmative answer from a growing number of service providers, including Pinterest, Tumblr, The Internet Archive, VPN Secure, Reddit, and Silent Circle, suppliers of the cryptographic Blackphone.

The idea of the ‘canary’ is straightforward: you know something important has happened when it stops singing. It may be against the law for a supplier to tell its customers that intelligence agencies have taken their data. For example, National Security Letters have been widely used in the USA to demand personal and communications data from telcos. The recipients of these letters cannot reveal their existence to coworkers, never mind the public. But whilst the law prevents providers from telling the truth, it does not force them to tell outright lies. So if a provider regularly advises the public that it has not been subject to the demands of the intelligence services, that is like a canary singing, indicating everything is fine. The canary stops singing if the provider does not renew its statement – allowing the public to infer that the intelligence services have obtained that provider’s data and a gagging order is in effect.

Warrant canaries are an ingenious hack of the law. Their success depends on providers being prepared to support them in advance of the time when they are most needed, the public understanding what warrant canaries are, and somebody doing the work to monitor if they have been renewed.

To my mind, telcos should support warrant canaries. Telcos will not win if they pick a fight with government, but they lose even more if they fail to maintain the trust of customers. When telcos rightly respect their customers desire for privacy, this is being denigrated by heavy-handed politicians as the cynical pursuit of profit. Presumably it does not occur to some of those politicians that profit follows customer satisfaction, and that customers are also voters. One recurring political theme is that public hostility to surveillance is being blamed on telco marketing! That is nonsense, but we should follow the logic to its conclusion: by showing customers how much we care about their privacy.

Not many in the public may know what a warrant canary is, but they will soon learn of it, when they really need to. The internet’s distributed architecture means that thousands of social media users can quickly make a nonsense of any attempts to censor the spread of news. The proactive firms who have warrant canaries in place will win respect when it matters most. In contrast, the laggards will only try to recover some credibility after it was already lost.

The canary monitor already exists. It is called Canary Watch (logo pictured above) and is hosted by the Calyx Institute, the suppliers of secure comms with a track record for fighting the US government. Clearly their site is gaining some traction; a few dozen warrant canaries from a wide variety of providers have been submitted for monitoring. On the other hand, the Calyx Institute continues to struggle with precarious finances.

They say ignorance is bliss. When it comes to ignorance of how governments use modern communications data to spy on ordinary people, I am not convinced. I prefer another saying, coined by Louis Brandeis:

Publicity is justly commended as a remedy for social and industrial diseases. Sunlight is said to be the best of disinfectants; electric light the most efficient policeman.

And if we are not allowed to see the light, we should at least have our ears open, listening to the canary’s song.

Eric Priezkalns
Eric Priezkalns
Eric is a recognized expert on communications risk and assurance. He was Director of Risk Management for Qatar Telecom and has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and others.

Eric was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He was a member of Qatar's National Committee for Internet Safety and the first leader of the TM Forum's Enterprise Risk Management team. Eric currently sits on the committee of the Risk & Assurance Group. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.

Commsrisk is edited by Eric. Look here for more about Eric's history as editor.