[Support-team] warrant canaries controversy?

Jaime Villarreal jaimev at mayfirst.org
Wed Nov 23 19:34:03 EST 2016



On 11/23/2016 05:24 PM, Daniel Kahn Gillmor wrote:
> On Wed 2016-11-23 14:43:01 -0500, Jaime Villarreal <jaimev at mayfirst.org> wrote:
>> Since we're all top posting :)
> 
> please no :)
> 
> I echo jamie and jaime's perspectives about the integrity of riseup --
> these are good folks who i trust and feel we can rely on.
> 
>> I also don't think there is a legal precedent for forcing an org to
>> falsify something like a canary statement however I think it is very
>> likely that law enforcement is aware of this technique and would
>> attempt to force legal compliance in a shorter period of time because
>> of it. So that is something else MFPL should be prepared for.
> 
> law enforcement is certainly aware of canaries.  In the corporate world,
> their equivalents are called "transparency reports", and there are
> regular struggles around what sort of transparency reports are
> legitimate to publish.  I'm not sure what "force legal compliance in a
> shorter period of time" means, though.  can you explain?

Ah yes. Let's imagine for example, if they are aware that you have such
a system in place that updates a canary every 15 days, they might
petition a judge to order you to comply within 7 days to be sure that
users don't have time to realize the canary has not been updated. Those
are just hypothetical numbers but the scenario seems likely.

>> Also, given the sensitive nature of the subject I wonder if we shouldn't
>> consider encrypting our e-mails to this list. There are currently 33
>> subscribers though and I don't have all of your keys :(
> 
> This list is actually publicly archived:
> https://lists.mayfirst.org/pipermail/support-team/

touché :S

> 
> This is not a place for private discussion.
> 
>      --dkg
> 


More information about the Support-team mailing list