What is Warrent Canary and What VPNs Use It?

Warrant Canary Programs – The Little VPN Birdie Told Me

In today’s hyper-connected world, it’s more important now than ever before to take advantage of technology that protects your information. We’re talking about your privacy, personal data, and your online activity. We discover more and more every day just how much we are actively spied on. Most of the time we have no idea that it’s actually happening. Most of the time this spying is conducted by organizations like Google and Facebook. These platforms just dig into our data in exchange for “free” services. However, sometimes the spying is quite a bit more sinister. This is why Virtual Private Network (VPN) services have become so popular and why it’s critical to move forward with a VPN provider that offers a Warrant Canary Program. Let me show you everything you need to know about Canary Programs and which VPNs offer them.

What is Warrent Canary and What VPNs Use It?
What is Warrant Canary and What VPNs Use It?

What Exactly is a VPN?

 Very quickly, a VPN is essentially a “tunnel” that you connect your internet service through that acts as a middleman between your device and everything that you do online. Everything you search for, every site you visit, and everything you punch into your keyboard is routed through a number of VPN servers located all over the world.

You basically move your online activity into a digital “clean room” with full encryption across the board. This offers you a degree of privacy that traditional internet connections can’t provide. If you want to insulate your personal and private data from prying eyes all over the internet a VPN is the way to go.

What Are Canary Programs?

Warrant Canary LogoPeople around the world are becoming more aware of their online activity. In fact, internet users do recognize that governments and ISPs are regularly spying on them without their knowledge. Technically, that’s a violation of their privacy and security.

Well, sorry to be the bearer of bad news, but your government recognizes your awareness. That’s why all over the world, including the US, governments serve secret warrants (as well as search and seizures) for digital data of online users all the time.

Because of legislation like the US Patriot Act, these warrants are sealed completely. Unfortunately, this allows these governmental agencies to do pretty much whatever they want without you ever being the wiser.

On top of that, because they recognize just how sinister this kind of underhanded activity is, these government agencies mandate that VPN providers – and even traditional internet service providers – are not allowed to tell or warn their users that they are under surveillance.

 Thankfully, many of the best VPN providers out there have instituted “Canary Programs” that allow them to alert their users that they might be under surveillance right now, even if they cannot directly warn them without violating the law.

Why Are Warrant Canary Programs Important?

Canary Programs’ name comes from the little birds that miners would bring along when they dug deep into the earth. If the mine started to fill up with toxic gases these little canaries would die long before the humans that were also being poisoned would be (because their lungs were so much smaller), acting as a warning signwithout actually screaming out that something was wrong – for everyone to evacuate.

Canary Programs serve the exact same purpose. They are designed to warn you (without overtly warning you) that you may be under surveillance, that you should be concerned about being spied on, and that the odds are good that your personal and private activities on a VPN are being more closely scrutinized. 

The Warrant Canary Program in Action

NordVPN has a simple and straightforward Canary Program in place, one that every single user can actively view at any one particular point in time to determine whether or not the VPN is safe enough to move forward with.

 What they’ve done is published directly on their website and announcement that they HAVE NOT RECEIVED ANY:

  • National Security Letters.
  • Gag orders.
  • Warrants from any government organization around the world

They also share with their users that while they aren’t allowed to tell them if they have received any of these notifications that they should be on the lookout for this page – the Canary page – to go down.

If it disappears that means that they HAVE received National Security letters, gag orders, or warrants from government organizations around the world. They’re basically telling you what happens without telling you what happens. It’s a bit wink, wink – but that’s how the process has to unfold because of the way that government agencies have written their laws around the world.

As big of an example NordVPN is, there’s another big company that I would like to mention. Large corporations like Apple also adopt Warrant Canary programs. If you read their transparency report:

“Apple has never received an order under Section 215 of the USA Patriot Act. We would expect to challenge such an order if served on us.”

This is clearly a Canary Warrant. So, if you’re an Apple user, make sure to check this on a regular basis. If Apple made any change or haven’t for a long time, you should be concerned.

The Actual Action Begins

Alright, so I’ve shown you an example of what a Warrant Canary is. But you’re here to understand exactly what it’s all about and how it works. And what better way to demonstrate that than with an actual incident? Well, I’m a giver and I’ll provide you with three examples where Warrant Canary was applied. Here they are:

  • Ever heard of Riseup.net? They have a Canary Program, but there was a problem. A while ago, they failed to update their warrant, which is pretty concerning for those who use the encrypted email service. Their update should’ve taken place, but it didn’t. That means they’ve received an NSL request in the past quarter.
  • Another example is one of the world’s biggest websites, Reddit. Back in March 2016, the popular website deleted their warrant canary from their regular transparency report. Now, can you tell me why would this happen? It’s pretty obvious that they received NSL letters.

I’m not going to use this as a bullet point as this example is my favorite. It’s like an episode of The Mentalist but in real life. With over 30 million downloads, encryption software Truecrypt had become very popular among users. Suddenly, the source forge page stated the following: “Using TrueCrypt inot secure aimay contain unfixed security issues.” Some tech-users decrypted the message and stated that it is a Warrant Canary.

  1. First, take the bolded letters in the statement.
  2. You’ll have “uti nsa im cu si”, which is Latin for “Unless I want to use the NSA.”
  3. This translates to this as a full statement: “WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues unless I want to use the NSA.”
  4. Now you should understand the warning as such: “Don’t use TrueCrypt because it is under the control of the NSA.”

 These VPN Providers Have Canary Programs 

Obviously it’s a better idea to move forward with VPN providers that have Canary Programs in place. It’s so much more secure and private than moving forward with those that do not. Canary Programs protect your safety and security by letting you know (without expressly telling you) that your information and data may become compromised if you keep using the service after the Canary has gone down. To help you find the best VPN providers using Canary Programs, we’ve put together this quick (but not totally comprehensive) list of providers worth checking out: (Accurate as of September 2019)

  • BolehVPN
  • CryptoStorm
  • iPredator
  • iVPN
  • Perfect Privacy
  • SH
  • SlickVPN
  • SurfShark
  • Zone
  • VPNhub

Warrant Canary Programs Explained – Final Thoughts

NSL is designed to allow the government to secretly request and monitor data from your ISP or VPN provider. That’s why VPNs take measures to inform their customers in a very subtle way, Warrant Canary Programs.

Now you know everything there is to Warrant Canary and which VPN providers offer such programs. If you have further questions, please drop them in the comments below and I’ll be more than happy to answer them.

Tania Becker

Tania's work at Whatismyip.network revolves around covering the latest cybersecurity news. She has also written several guides on how to bypass regional restrictions.


Leave a Reply

Your email address will not be published. Required fields are marked *