But you said it: there's still too much identifying information left on the table.
There's another angle that threatens Calyx, too: they're just one rider on a "must-pass" bill away from being shut down and tied up in court. Or worse, made to _silently_ monitor your traffic after all their publicity about their privacy.
National Security Letters make it clear: the gag orders mean even if Nick Merrill wanted to tell you his company had been compromised, he wouldn't be able to.
There does seem to be a technical workaround, known as a "canary," where Nick Merrill posts a daily message far and wide signed from an air-gapped physically-secure private key that basically says, "Today is 11/Apr/2012. Under penalty of perjury, I have not been served with any legal threats."
Thus, the day the "canary" stops appearing, it becomes obvious what has happened; it seems that our current legal climate probably cannot compel him to _commit_ perjury, and his _inaction_ in posting his "canary" does not constitute a violation of any gag order; ironically, he conforms to it and by so doing alerts his customers to the problem.
Problems with this approach include:
• All the sites he has been using for the canary could get shut down simultaneously a la Megaupload
• Compromise of his private key
• Dwindling interest by his customers in checking multiple sites every day, even if the process can be mostly automated
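The automated check mentioned in the last bullet could look like the sketch below. It is an added example, not code from this thread or from Calyx. It treats a missing, stale or badly signed canary on every mirror as the alarm, since absence is the signal. The mirror names, function names and one-day freshness window are assumptions, and an HMAC with a constructed key stands in for verifying the operator's public-key signature.

```python
import hashlib
import hmac
import re
from datetime import date, timedelta

DEMO_KEY = b"constructed-demo-key"  # stand-in: a real canary is verified with a public key
MONTHS = "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split()
DATE_RE = re.compile(r"Today is (\d{1,2})/([A-Z][a-z]{2})/(\d{4})\.")

def demo_sign(statement):
    return hmac.new(DEMO_KEY, statement.encode(), hashlib.sha256).hexdigest()

def demo_verify(statement, sig):
    return hmac.compare_digest(demo_sign(statement), sig)

def check_mirror(copy, today, verify=demo_verify, max_age=timedelta(days=1)):
    """Classify one mirror's copy; copy is (statement, signature) or None."""
    if copy is None:
        return "missing"                      # mirror down or canary withdrawn
    statement, sig = copy
    if not verify(statement, sig):            # check the signature before parsing
        return "bad-signature"
    m = DATE_RE.search(statement)
    if not m or m.group(2) not in MONTHS:
        return "undated"
    try:
        stated = date(int(m.group(3)), MONTHS.index(m.group(2)) + 1, int(m.group(1)))
    except ValueError:                        # e.g. 31/Feb
        return "undated"
    if stated > today or today - stated > max_age:
        return "stale"                        # too old, or dated in the future
    return "fresh"

def canary_status(mirrors, today, verify=demo_verify):
    """Fail closed: only a validly signed, current canary yields OK."""
    results = {name: check_mirror(c, today, verify) for name, c in mirrors.items()}
    states = set(results.values())
    if "bad-signature" in states:
        verdict = "ALERT: forged or corrupted copy"
    elif "fresh" in states:
        verdict = "OK"
    else:
        verdict = "ALERT: no fresh canary on any mirror"
    return verdict, results

STATEMENT = ("Today is 11/Apr/2012. Under penalty of perjury, "
             "I have not been served with any legal threats.")
MIRRORS = {  # constructed sample data
    "mirror-a.example": (STATEMENT, demo_sign(STATEMENT)),
    "mirror-b.example": None,                 # unreachable mirror
}
print(canary_status(MIRRORS, date(2012, 4, 11)))
```

A simultaneous takedown of every mirror produces the same alert as a withheld canary, which is the conservative reading of the first problem listed above.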
"Today is 11/Apr/2012. Under penalty of perjury, I have not been served with any legal threats."
Under penalty of perjury is a meaningless phrase unless a court or other authorized body is requiring that statement of you. Look: under penalty of perjury, I am Chief Justice John Roberts of the United States Supreme Court.
Well, I'm not Chief Justice John Roberts. I lied about that. Am I in danger of going to jail for contempt of court? No, because nobody with judicial or administrative power required me to make a truthful declaration. Rather I made a statement I wanted you to believe and attached a common legal incantation to it - little different from a religious expression, such as 'God strike me dead if I lie.' In earlier times when people had little understanding of science, the sheer randomness of the world was attributed to mysterious divine provenance, and of course every so often these beliefs are validated in such dramatic fashion that the story is repeated (http://members.tm.net/lapointe/Lawyers3.htm for example, from 1988).
An awful lot of hackers I've met seem to think that law is strictly a matter of form, that if you say certain words in a certain order legal validity (and thus, truth-value of some sort) automatically attaches to them. This is not how law works, this is how magic works - and it's a good example of Arthur C. Clarke's comment that 'any sufficiently advanced form of technology is indistinguishable from magic.' Legal conventions are a form of social technology, and can not be taken at face value this way, any more than nontechnologists can foretell the future from blinkenlights.
It's the same notion that compels people to write "I don't own this song" under the YouTube uploads of albums, as if mentioning copyright issues absolves you from them.
That being said, there are magic words that you can say that have very strong legal weight. For example, attaching a GPL licence to a piece of code you wrote has significant legal ramifications.
It's clear that "Under penalty of perjury" doesn't accomplish the intention of giving a canary message greater legal weight. I am, however, curious if there are some other "magic words" that could exist in a canary message which would help to signify its validity. For example, making it illegal for someone to fake the canary message.
I actually don't know if the government could require you to falsely affirm the nonexistence of a legal investigation as part of a gag order - in other words, if you simply stopped publishing your canary message, whether you could be required to do so. Perhaps the failure to comply with such a request would qualify as an obstruction of justice if there were a colorable risk of it impeding a lawful investigation by tipping off the subject of the investigation; law enforcement officers with an appropriate warrant or authority could require an explanation of how the canary mechanism worked, in the same way that they could require you hand over keys to one's safe, say. There's no right to silence for non-defendants such as material witnesses.
First, thanks for adding good insights into what would (and would not) stand in court.
Would a 5th Amendment right (not witnessing against herself / self-incrimination) protect the owner of the ISP against a charge of obstruction of justice?
i.e. Owner of ISP refuses to post the canary after a gag order. She is not named as a defendant in the investigation. But she can defend herself against obstruction of justice charges: plead the 5th, and thus she is not compelled to falsely affirm the canary.
It's not clear this would work, either, but there might be some pretty solid precedents that could be used in this way.
Subornation of perjury is the crime of persuading a person to commit perjury; and also describes the circumstance wherein an attorney causes or allows another party to lie.
It's pretty clear this, not magic, is the end goal of the original statement.
You've misunderstood the Wikipedia article, which is not surprising because it is poorly written. The government can establish mechanisms for people to provide statements "under penalty of perjury", such as IRS forms. But the mere words "under penalty of perjury" aren't a magic incantation; they have force only when specifically given it by the government.
"Under penalty of perjury" is just a mechanism for substituting a written declaration for an in-person swearing.
If you look at the statute, the governing condition is (paraphrased) "under laws or circumstances requiring or permitting a sworn statement".
>>National Security Letters make it clear: the gag orders mean even if Nick Merrill wanted to tell you his company had been compromised, he wouldn't be able to.<<
Wouldn't be able to legally. If he feels strongly enough about this to start a company, he may feel strongly enough to defy the law.
When your opposition can legally order predator strikes on you, imprison you indefinitely without charge, torture you in its own military prisons and secretly ship you off to 3rd world prisons for more torture - then I don't think little legal tricks like reverse canaries are really going to work.
I agree that it's not much of a surprise, but tell me why wouldn't it work?
I don't have to reveal the hidden location and password to my air-gapped private key unless I am in court.
I agree that spending the rest of my life at Hotel Guantanamo isn't my favorite, but if he defies the Federal Gov't's established secret wiretapping, surely he has assessed the possibility of this happening already and he's not afraid?
Who knows the secret key/has access to the system?
Just him - in which case what happens to my data if he walks under a bus?
Or all the admins/the board/the lawyers?
So a three-letter-agency guy turns up with a SWAT team, you only need one of them to decide to reveal the key with a gun at their head - or with the threat that child porn would be found on his laptop/20kg of heroin would be found in his apartment. Chain = weakest link.
The "weakest link" problem can be ameliorated to some extent by using secret sharing cryptography, so that at least x% of participants must cooperate to reveal the secret key.