By day, a cybersecurity duo keeps their fellow reporters safe and secure from prying eyes. By night, they're giving companies the final word when they're under a government gag order.
How tech companies use warrant canaries to secretly communicate with you
Tech companies aren't allowed to tell you when the government wants your data. Enter the warrant canary.
A new app, developed by director of security Morgan Marquis-Boire and technologist Micah Lee at First Look Media -- the media organization behind The Intercept, which continues to publish Edward Snowden documents -- allows companies to publicly acknowledge whether or not they have received a secret government demand for data.
AutoCanary builds at the touch of a button a "warrant canary," a public statement that asserts that a top-secret data demand has not been received, published in anticipation of receiving such an order. Once a warrant canary is removed, the notice suggests one has been received but doesn't violate the gag order because nothing was explicitly said.
In a post Wednesday, Marquis-Boire confirmed that First Look had "not been compelled" to comply with a secret government order, like a gag order.
"Our warrant canary lets the public know that we have not received a secret subpoena, warrant or other legal compulsion that we are prohibited from disclosing," the post read. "In the event the company is issued such a legal process, our plan is to not renew the canary statement."
The media company follows in the footsteps of Apple, Tumblr, Reddit, and other firms, who have all published similar statements in recent months.
But as telling as they can be, warrant canaries are not perfect. And sometimes, despite their best intentions, they can be wrongly issued -- leading to panic when they are misread.
Earlier this year, encrypted app maker Silent Circle issued an erroneous warrant canary, leading to concern the company had been served an order. Spoiler alert: it hadn't.
Marquis-Boire and Lee's effort aims to standardize that so it's almost impossible to get it wrong.
The project comes at a potentially tumultuous time for free speech watchers. Although there's no law in effect to prevent warrant canaries from being used, Twitter is currently fighting the US government in the courts to have them protected as free speech under the First Amendment.
It's available as a download for Windows, Mac, and Linux. The code is open-source and available on Github.
Join Discussion