Last week, a so-called “warrant canary” in Reddit’s 2014 transparency report — affirming that the company had never received a national security–related request for user information — disappeared from its 2015 report. What is a warranty canary? What are they used for? And Why did it get taken down?
Many years ago, it was common for underground miners to bring a small, caged bird with them into the mines. Small animals are usually much more susceptible to toxic gasses like carbon monoxide, and would die very quickly if the levels of those gasses rose too high. This is where the term “canary in a coal mine” comes from, which is used to describe something that indicates when things take a turn for the worse.
Warrants allow governments to force web services, like Reddit, to provide them access to users’ personal information, such as private messages, post histories, and IP addresses they have logged in from in the past. Warrants often often have a clause which prohibits the web service from notifying their users about warrants that are issued to access their private information.
So, rather than notifying users after the fact, some companies have warrant canaries, which make a statement similar to “no government warrant has been served to request this information so far”. Then, if a warrant is ever issued, that statement is removed from the website, which alerts anyone paying close attention to the fact that, in all likelihood, a warrant has been served.
The EFF maintains a Warrant Canary FAQ here.