Canary File

A canary file (or warrant canary) is a method used by service providers to indirectly inform their users that they have not received any secret government subpoenas or warrants for user data. The concept is named after the historical practice of using canaries in coal mines to detect dangerous gases - when the canary stops singing (or in this case, when the warrant canary statement disappears), it serves as a warning signal.

The mechanism works through regular transparency reports where companies publish statements declaring they have not received any secret government orders. If such an order is received, the company simply removes the canary statement from their next report, thereby alerting users to potential surveillance without directly violating gag orders that typically accompany such warrants. This practice emerged as a response to laws that prevent companies from explicitly disclosing when they receive certain types of government surveillance orders.

Warrant canaries have become an important tool in the privacy and transparency landscape, particularly for technology companies and service providers committed to protecting user privacy. However, their legal status remains somewhat unclear, and their effectiveness depends on users actively monitoring these statements for changes. Companies like Reddit and various VPN providers have notably used warrant canaries as part of their commitment to transparency, though some have disappeared over time, raising questions about government requests and the balance between national security and privacy rights.