Definition
A warrant canary is a public statement made by an organization—often a technology or internet service provider—indicating that it has not received any secret government subpoenas, National Security Letters, or other classified legal demands for user data. The statement is periodically updated; the absence of the statement or its removal serves as an indirect notification to the public that the organization may have been served with such a request, which it is legally prohibited from disclosing.
Overview
Warrant canaries are employed as a workaround to legal prohibitions—particularly in the United States—against revealing the receipt of classified government orders. Because the law may forbid the organization from affirming that it has received a warrant, it can instead affirm that it has not. If the canary disappears or is altered, observers infer that a secret demand has likely been received. The practice gained prominence after the 2008 Electronic Frontier Foundation (EFF) blog post describing the concept and after the 2013 case of a U.S. telecommunications company that removed its canary following a secret National Security Letter.
Warrant canaries are typically posted on a company's website, in its transparency reports, or in other publicly accessible locations. They may be updated on a regular schedule (e.g., quarterly) and are often accompanied by a disclaimer that the removal of the canary does not constitute an admission of a secret subpoena.
Etymology/Origin
The term combines “warrant,” referring to a legal order such as a subpoena or National Security Letter, with “canary,” alluding to the historical use of canaries in coal mines. Miners would bring canaries underground; the death of the bird signaled the presence of toxic gases. Analogously, a warrant canary signals the presence of a secret legal demand when it ceases to exist. The phrase was popularized by the Electronic Frontier Foundation in 2008.
Characteristics
| Feature | Description |
|---|---|
| Legal basis | Relies on the principle that a silence or omission (removal of the statement) is not itself a prohibited disclosure, though the legal robustness of this approach varies by jurisdiction. |
| Update frequency | Organizations typically update the canary on a regular schedule (monthly, quarterly, or annually) to maintain credibility. |
| Content | May simply state, “We have not received any National Security Letters,” or include a broader list of prohibited requests (e.g., gag orders, FISA orders). |
| Visibility | Placed in a location that is easy for the public and researchers to monitor (website footer, transparency report, GitHub repository). |
| Verification | Third‑party watchdogs and transparency researchers often archive canary statements to provide a historical record. |
| Limitations | Removal may be ambiguous (e.g., accidental deletion), and courts have not definitively ruled on the legality of canaries; some jurisdictions may interpret the removal as an implicit disclosure, potentially exposing the organization to legal risk. |
Related Topics
- Transparency reports – Periodic disclosures by companies about government data requests.
- National Security Letter (NSL) – A type of administrative subpoena used by U.S. agencies, often accompanied by a non‑disclosure (gag) provision.
- FISA (Foreign Intelligence Surveillance Act) orders – Secret legal instruments that can compel data disclosure for national security purposes.
- Legal gag orders – Court‑issued prohibitions on discussing certain legal proceedings or orders.
- Digital privacy – The broader field concerning the protection of personal information in the digital environment.
- Surveillance law – The body of legislation governing governmental access to communications and data.