Slashdot Mirror

← Back to Stories (view on slashdot.org)

Time For a Warrant Canary Metatag?

Posted by timothy on from the unless-double-secret-probation-prohibits-canaries dept.

An anonymous reader writes "With the advent of national security letters and all the NSA issues of late perhaps the web needs to implement a warrant 'warrant canary' metatag. Something like this: <meta name="canary" content="2013-11-17" />. With this it would be possible to build into browsers or browser extensions a means of alerting users when a company has in fact received such a secret warrant. (Similar to the actions taken by Apple recently.) The advantage the metatag approach would have its that it would not require the user to search out a report by the company in question but would show the information upon loading of the page. Once the canary metatag was not found or when the date of the canary grows older than a given date a warning could be raised. Several others have proposed similar approaches including Conor Friedersdorf in The Atlantic and Cory Doctorow's Dead Man's Switch." What problems do you see with this approach?

11 of 332 comments (clear)

  1. Uhh by Anonymous Coward · · Score: 5, Insightful

    They would force you to keep the "all-clear" signal with guns pointed at your head? That might be a problem.

    1. Re:Uhh by ShanghaiBill · · Score: 5, Insightful

      My company exists purely in cyberspace. There is nobody in authority who can be contacted in person.

      I call BS. In every jurisdiction I have ever heard of, you are required to provide a physical address when registering a business, and any warrant or summons delivered to that address during normal business hours is generally considered "served".

  2. The problem I see by elrous0 · · Score: 5, Insightful

    The person adding the metatag rotting in a federal prison?

    --
    SJW: Someone who has run out of real oppression, and has to fake it.
  3. technical fixes for political problems by gl4ss · · Score: 5, Insightful

    do not work.

    like, what the flying fucktonmeister fuck? why do you think it would be exempt from the "don't tell the victim of surveillance" rules because it's a metatag?

    best you can do is close down the service. that is it! and even then you'll have to fight in court!

    --
    world was created 5 seconds before this post as it is.
    1. Re:technical fixes for political problems by HiThere · · Score: 5, Insightful

      It's not that it's smarter, it's that it has arrived at this point through a different history. Internal violence has rarely been necessary. But when the police organizations can act on their own autority (and I'm counting the executive arm of the feds as a police organization, though that's only partially true) then you have a police state. So far only small chunks of the executive have become truly independent, and even they pretend that they are obedient to the legislature. That's not a real police state. And while the CIA has at times shown total independence of Congress, no other segment of the executive has been quite that blatant.

      I'd say "teetering on the brink" is a correct description. Not quite as close to the brink as the GP suggested, but still only in a quasit-stable position. And the most likely direction of collapse is further into a police state, though likely on the Roman model (with technical refinements) rather than on the Soviet model. I doubt that there will be internal violence even on the level of Marius vs. Sulla. And there probably won't be an internal episode of the drama of Julius Caesar crossing the Rubicon ("Alea iacta est", etc.). OTOH, that may have been a publicists creation anyway. And I really doubt that some future "president" will be stabbed to death in the Senate by the Senators. Parallels don't run that close. Booth's "Sic semper tyrannis!" is a more likely future scenario...and even that's quite unlikely.

      P.S.: There is a reasonable argument that Lincoln deserved to be shot for treason. He trampled all over the Constitution during the Civil War, and most of recent history is the result of it, including the drastic centralization of power in the federal gvoernment. OTOH, if it weren't for that the US might have continued to be "these United States" rather than "the United States". But ever since Lincoln the presidents have been more powerful, and allowed much greater latitude in the impositon of central power. This isn't all bad, but it sure isn't all good. And it doesn't appear to be what the Consitution allowed as interpreted at any prior time. One may argue that this was the inevitable result of improvements in transportation and communication, and this is certainly true in part. But that should have been accomplished through ammending the Constitution rather than by twisting what the words meant. That it was done the way it was done was largely due to powerful groups insisting that it be done NOW in a way that they could never have gotten 2/3 of the Senate to agree to, much less 3/4 of the States. So it was done via a power play, i.e., "We're doing it and you can't stop us." And the extension of that method is how the US is turning into a police state.

      --

      I think we've pushed this "anyone can grow up to be president" thing too far.
  4. What does this solve? by Anonymous Coward · · Score: 5, Insightful

    I'm not really sure what problem this solves, or how the outcome would change if the canary "died."

    We're well-aware that many companies are required to produce information via FISA court orders, national security letters, or other means. What we don't know-- in many cases-- is how often, what information is obtained, by whom, and for what purpose. The "canary" doesn't answer any of the unknowns, except that a particular company received at least one such order, which is of extremely limited value (if of any at all).

  5. Slavery hack by tepples · · Score: 5, Insightful

    They would force you to keep the "all-clear" signal with guns pointed at your head?

    There's a way to hack around this by exploiting a Civil War-era constitutional amendment. The company announces in advance, through the canary meta element or another : "If we receive one of several requests, $NAME and $NAME and $NAME will leave the company's employment." I don't see how the government can compel a private employer to compel an employee to continue working for the employer without it being deemed "involuntary servitude" in violation of the employees' Thirteenth Amendment right to quit. So if a certain set of employees is suddenly working for a different company, it's more likely than not that the company has received a classified order to violate a customer's privacy.

    1. Re:Slavery hack by Predius · · Score: 5, Insightful

      By announcing the plan ahead of time, you are saying the actions are in direct response to, and a way to covertly signal that a warrant with gag order has been issued. Hell, your announcement may trigger legal action BEFORE a warrant is ever issued.

    2. Re:Slavery hack by Jane+Q.+Public · · Score: 5, Insightful

      There's a way to hack around this by exploiting a Civil War-era constitutional amendment. The company announces in advance, through the canary meta element or another : "If we receive one of several requests, $NAME and $NAME and $NAME will leave the company's employment."

      Seems like overkill to me. A "canary tag" might actually be the way to go. While the government seems to feel it can compel your silence, compelling speech is a completely different thing under the law. Coercing a company to keep its "canary tag" alive is a very different matter from compelling them to take it down and shut up.

  6. Precedent in other law systems by ledow · · Score: 5, Informative

    Same reason the British AA (Automobile Association, not alcoholics) were formed and (later) forced to change their ways.

    The whole point of the AA was formed to inform members of police speed traps. Back in the days of red-flags in front of vehicles held by a man. If your were an AA member, and there were no police around, an AA employee would be required to salute you.

    If, however, there was a police trap present, they would not. Absence of the salute was seen as just such a canary to warn you despite being a "non-action". Eventually it was ruled illegal and the AA and the RAC both become just "vehicle breakdown" companies

    When it comes down to it, if a court / police can argue that they need you NOT to trigger the canary (by inaction or otherwise), they will find a way to make you do it. They already redirect your DNS if they steal your domain, what's to stop them updating the canary themselves apart from a minor technical issue? All it will do is just get your whole domain seized to make you compliant.

    ESPECIALLY if the entire point of the canary is to indicate to people whether you are subject to a (potentially LEGAL) court order not to reveal that you're under such an order. Little difference between that and you phoning up your buddy to warn him that you were just busted and the cops have his address - it's seen as deliberate evasion of the law. Even if the message is "I **WON'T** text you at 5pm if I've been raided".

    The simple fact, though, is that such warrants are not a problem when they are legal and above-board. The problem is when they are not. Skirting the legal grey area yourself is not the correct response to the agencies skirting the legal grey areas.

    If all else fails, they'll just institute a law to stop you doing things like this.

  7. Re:What type of canary? by dotancohen · · Score: 5, Funny

    European.

    --
    It is dangerous to be right when the government is wrong.