[schneidmaster]

No, nothing has changed on that front. If you have not received any National Security Letters, it is legal for you to say "I have never received an NSL" (as other commenters have suggested). Warrant canaries rely on the idea that it is much more legally difficult to compel speech than to restrict it. There is no (non-secret) case law indicating that a NSL recipient could be compelled to lie and include the warrant canary paragraph in a future transparency report, while there is case law indicating that NSL recipients can be prevented from actively disclosing the letter (gag orders are fairly well-established in particular aspects of our legal system).

The reason why warrant canaries are binary is that once an NSL has been issued, the case law that the parent commenter linked comes into play: companies may only indicate in buckets how many they have received (0-249, 250-499, etc). So you couldn't have your warrant canary say "I have never received more than 3 NSLs" then "I have never received more than 5 NSLs" etc.

[forgotpwtomain]

So what happens if you make a range of canaries? e.g.

- We have not received any requests in Q1 of 2016.

- We have not received more than 50 requests in Q1 of 2016.

- We have not received more than 100 requests in Q1 of 2016.

[schneidmaster]

If I understand your scenario, the problem is that you would have to remove all the canaries as soon as you receive your first NSL. As soon as you receive a NSL, you may only disclose the number of NSLs you have received in the buckets I mentioned above, so you would not be able to say "we have not received more than 50/100 requests;" you would only be able to say "we have received 0-249 requests." So the canary still only works to tell people that you have never received an NSL.

[ChicagoBoy11]

But I think the "novelty" in his scheme is that he has separate canaries for different time periods -- so it may not be helpful in letting users know the number of requests received, but it would allow them to know when they had been received.

Assume he had a scheme that just said the following:

We have received no NSL letters in Jan 2016 We have received no NSL letters in Feb 2016 We have received between 0 and 249 NSL letters in March 2016 We have received no NSL letters in Apr 2016

[schneidmaster]

Oh, well that scheme wouldn't be legal for a few reasons: once you receive an NSL you aren't allowed to say you've received 0 NSLs in a given time period (you can only report in 0-249 buckets so you couldn't say "We have received no NSLs in Jan 2016") and the granularity with which you can report (on my read of the document: [1]) is per year or per six months depending on which option you choose (so you couldn't say "We have received 0-249 NSLs in March 2016", just "We have received 0-249 NSLs in 2016").

The only reason the canary "works" is as a binary option - if you say "We have never received an NSL" up until you receive one, the government cannot compel you to continue including that line in your report, because that would be compelled speech which is legally difficult and (as far as anyone knows) hasn't been attempted. But anything you say beyond that related to the quantity or existence of NSLs is subject to the linked guidelines. In other words, they cannot force you to continue including a paragraph (the canary) in your report, but they CAN regulate anything you do choose to include in your report.

[1]: https://www.justice.gov/iso/opa/resources/422201412716042240...

Edit: NSL letter, ATM machine, blah

[ChicagoBoy11]

Hmm that's really interesting. I guess I just wondered if somehow there was a case for trying to really stretch that idea of not being able to "compel" speech to its fullest limits by simply issuing separate canaries for different time periods, then simply removing it for the time period in question. By the logic you present, you still have a binary option -- you just restrict its scope. But I guess what would happen in this case is those separate "scopes" that I tried to create would simply all collapse into one, following the per-year/six-month option you cited above.

So even if before I received any letter I'd tried to be clever and just said: "No NSL letters in March, No NSL letters in April.... etc.", if I ended up receiving one during that time period at all, all of those WOULD HAVE to collapse to "We have received 0-249 letters in the first semester of 2016 (or 2016 altogether)"

[squeaky-clean]

> So even if before I received any letter I'd tried to be clever and just said: "No NSL letters in March, No NSL letters in April.... etc.", if I ended up receiving one during that time period at all, all of those WOULD HAVE to collapse to "We have received 0-249 letters in the first semester of 2016 (or 2016 altogether)"

Sort of. There's also a required 6 month delay. So if you received an NSL today, but had "No NSLs in Jan" , "No NSLs in Feb", "No NSLs in Mar", etc, you would need to remove all those and could not report the 0-249 number until 2017.

[jrochkind1]

There might be a case for it, the whole gag order regime is pretty sketchy constitutionally if you ask me (not a lawyer). You could violate the law, go to court, spend lots of on laywers, and maybe win eventually. The cost of losing would be high to your company, heck the cost of winning would be pretty high too. Few companies are interested in taking on this risk.

[rtpg]

The legal system frowns on trying to "hack around" the intent.