SpiderOak Implements A Warrant Canary

Screen Shot 2014-08-13 at 5.02.44 PM

SpiderOak, the privacy-focused, Snowden-approved Dropbox rival, is set to announce that it will join the growing ranks of companies who’ve implemented a “warrant canary”.

The idea behind a warrant canary: if the government comes to a company with legal demands and a gag order in tow, that company can’t say anything to its users about it. They can, however, suddenly stop saying everything is okay.

Hence the “canary” (as in “canary in a coal mine”) name. Miners weren’t worried about carbon monoxide when the canaries chirped; they were worried when the chirping stopped.

With this move, SpiderOak joins the likes of Apple, Tumblr, Pinterest, and a handful of others who are putting the warrant canary concept to the test.

SpiderOak should have a full breakdown of their new canary setup on their blog shortly, but here’s the gist: every 6 months, they’ll re-publish this page with an “All clear!” message. Three PGP signatures will sign the page for authenticity — so if someone wanted to force SpiderOak to update the page, they’d have to get all three (remotely located) signers to help.

Why every 6 months? The company says that’s about how long they’ll need to figure out if a claim is legit, and whether or not they can fight it.

[Photo via Dario Sanches on Flickr, used under creative commons]