Send in your ideas. Deadline June 1, 2024
Source code :
More info available :
Theme fund: User-operated Internet Fund
Start: 2021-12


Warrant canary standardization and automation

As decentralised internet access provisioning and cloud services become more widely available and user-operated, more and more people will be forced to compromise the security of their users through various forms of legal coercion. A common form of such coercion across the world is a so called 'gag order' : an operator of an infrastructure of interest (for instance a community network or small ISP) is secretly forced into give wiretap access, and their lips are sealed because of the risk of a severe penalty of sometimes years of imprisonment. In other cases, raids may have been conducted on hardware and operating premises, meaning a service is no longer trustworthy at all. Obviously, depending on where you live or what you do, such a compromise can endanger the lives and safety of many.

In most countries it may be the case that one can be legally forced not to speak or write about such a violation of the integrity of a service or network, but one cannot be forced to actively lie either ("you have the right to remain silent"). One proven effective means of countering this kind of attack on services is therefore to continually publish "all is well" statements, until something happens - at which point the reassuring statements dry up, and users are warned. Canarytail tracks, documents and automates these statements, and is an attempt to standardise this important safety net for users of any service - decentralised or not.

Logo NLnet: abstract logo of four people seen from above Logo Technology Commons Trust: letterlogo

This project was funded through the User-Operated Internet fund, a fund established by NLnet made possible by financial support from the PKT Community/The Network Steward and stichting Technology Commons Trust. Your donation is welcome too.