2017-12-09

Canaries

Some more thoughts on warrant canaries... Thanks for the various comments.

We are the good guys, honest

First off, I want to be clear. The attitude I have, and therefore the company (A&A) has, to blanket surveillance is that it is wrong. It should not be allowed. We need to take all possible and practical steps against it. Targeted surveillance against know suspects with proper controls is another matter.

I hope that is clear, and the fact I have gone to the bother of speaking directly to parliamentary committees on this helps explain some of my resolve in this.

Am I a martyr ?

No, sorry. I will not go to jail over this. I have a family to support, and I have a lot of staff that have families to support. So there are limits.

But I am not beyond considering every possible loophole and edge case we, or my lawyers, can come up with to help defend these principles.

What can A&A do?

We can explain our principles, and we can try and help people understand how to circumvent all sorts of monitoring and snooping as much as possible to ensure people get respect for their basic human rights related to privacy.

We can, of course, try and appeal or defend any such orders if we get them, and we will.

What about the canary? Does it help?

The way the law is worded now, there are various parts with various gagging orders. Some parts are a tad tame, civil enforcement. No, I am not a martyr, but would I go for challenging it in civil courts, maybe. Hard to say, and at the end of the day that would not really help. This is the real point here, but we cannot risk criminal laws even for the "tame" parts of the IPA by invoking the Official Secrets Act. So even that may be a problem.

You cannot trust what anyone says with the law as it is. It is not really acceptable for a democratic society, in my view. It is not a matter that law "compels you to lie", but that by not lying you may be breaking the law. If you see what I mean. No, don't lie as that is fraud, and no, don't not lie as that is breaking a gagging order, catch 22. Pick your crime?!

What is important is that everyone assumes there is snooping and monitoring. I am sure that getting BT Wholesale or TalkTalk Business to deep packet inspect our PPP traffic is against the law, sorry. The Home Office do not agree. In a civilised society this would have a chance to be decided by a court, but in a world with secret orders and gagging requirements, it will never get tested.

So if you do trust us (and why not) you may already be snooped on in the back-haul network, so take measures to protect yourself.

If you take such measures, you don't need to trust us, and so we don't need to be on the spot with a canary!

What about the canary going forward?

I am formulating a plan here...

First off, I put anything canary related in one place, make one page with a clear signed and dated statement and link to that. It states what we do not have (any order under IPA) and is dated and signed, and ideally states when or if we plan to update the statement.

That fits well with what we have now, and puts in one place. It removes the "ask me on irc or in person" and so on.

Cunning plan?

My lawyer pondered this and may be regretting it now - but if the warrant canary covers many things nobody knows the discontinuation of the canary is because of reason X and as such that cannot be seen as disclosing reason X.

So a canary could say, for example :-
  1. I have a beard
  2. My dog, Lilly, is still alive
  3. We have never had an intercept capability order at A&A under IPA
  4. We have never had a data retention order at A&A under IPA
And when we stop making such statements, all you know is one of those things is no longer true.

By stopping, we are not breaching a gagging order, obviously, especially if I happen to have shaved.

Sadly, any "cunning plan" like this is almost certainly a bad idea, sorry.

Simpler plan?

A simpler plan is just set a date, e.g 2020, from which we no longer make any statement about IPA orders.

9 comments:

  1. So. Would you lie if asked out right or just not respond?

    ReplyDelete
  2. Replies
    1. Only if asked to lie :-) But seriously, I would try and ensure I never lie. If a law can compel that I have to consider moving to a saner country.

      Delete
    2. It’s a very curious problem. If you had a regular pint with a friend and you cancelled for no reason it would be the sign to update a foreign canary. Obviously the whole arrangement would need to be secret. You could of course cancel with a reason to not disturb the canary. But a txt to say sorry I can’t make tonight would be enough to trigger the message.

      Delete
    3. Yes, if I can make it so that proving I instigated the canary breach is really hard, maybe. But that is probably not that hard in most cases with a bit of work.

      Delete
  3. So you are condemned to keep your beard as long as possible... please don't shave (but if you do, upload your new face everywhere, we all want to know/see).

    ReplyDelete
  4. Interesting article from Schneier where he suggests that warrant canaries are legal flimflam and will be ineffective and frowned on by courts. If that's true it would be akin to those "Freemen on the land" lot who believe they can use the same pseudolegal woo tactics to avoid paying road tax, etc, and always end up losing.

    Perhaps it would be safer to formally abandon yours now in case you end up in a position later on where doing so would breach an order.

    https://www.schneier.com/blog/archives/2015/03/australia_outla.html

    ReplyDelete
    Replies
    1. Quite, the idea is simple “you cannot be compelled to lie” but sadly the practice is simple too “you are not compelled to lie, but you can be compelled to go to jail”.

      Hence my discussion on dismantling the canary.

      Delete
    2. Sorry Adrian, I've been misunderstanding all along. I thought you were asking for ideas on how best to remove the canary, if it was triggered, so as to avoid an allegation of breaking a gagging order, hence my earlier replies re legal advice, etc. You're talking about just getting rid to avoid all potential problems which I get now.

      I don't see a problem with simply announcing now that you're happy to state that as of now A&A still has no interception orders and no black boxes, but that due to the legal minefield of managing a canary you've decided to abandon it with immediate effect, ahead of any potential orders that could come in the future. ** If asked about orders or black boxes in future you may or may not confirm that A&A still has none **

      I don't see how that could generate any risk. If asked in the future, you have discretion to confirm still no orders or black boxes (which would reveal you have none) but you might also choose to not confirm, which reveals nothing since you've already said in this announcement that you might choose to not confirm.

      Delete

Comments are moderated purely to filter out obvious spam, but it means they may not show immediately.

Missing unix/linux/posix file open option

What I would like is a file open option for "create replacement file". The idea is that this makes a new inode in the same mount p...