How our warrant canary and transparency report work
Why these exist
Most countries with intelligence agencies also have laws that let those same agencies serve secret orders on companies, and then forbid the company from telling anyone that the order exists. In the United States, that includes national security letters and FISA orders. A regular transparency report cannot cover those orders, but a warrant canary can. It inverts the disclosure: instead of confirming that an order was received, the company affirmatively states that none have been. If the canary stops being updated, that is the signal.
What our transparency report shows
Our transparency page tracks every law enforcement request that we are legally allowed to disclose publicly. Right now the count is zero in every category. Even when we do comply with a legal request, the only thing we can provide is metadata. Your email contents, subjects, attachments, contacts, and folders are all encrypted locally on your device, and you hold the keys, so we are unable to decrypt your messages. A subpoena for the contents of your inbox would return ciphertext.
What our warrant canary contains
Our canary is a short PGP-signed text file. Its purpose is to declare that no warrants or searches have ever been served on Aster Communications Inc. It includes a current news headline to prove the message was not pre-generated. It is signed with the PGP key for [email protected], which is published independently on keys.openpgp.org. We sign and publish a fresh canary every quarter. If more than a quarter has ever passed since its last signing date, treat that as the disclosure it is meant to be.
What warrant canaries do not protect against
The legal theory that the US government cannot compel a company to publish a false canary has never been tested in a US court. Most legal scholars believe that compelled false speech would violate the First Amendment. “Most legal scholars believe” is not the same as “a court has ruled.”
A canary is also specific to a single threat: the secret legal process. It does not protect against malware on your device, weak passwords, or metadata we can see at the network layer. The canary only tells you that nothing has been compelled; our architecture is what makes the result of a compelled order useless if one is ever served.
How to verify both yourself
Check the canary date. If it is overdue, ask publicly on our Discord or anywhere else we are expected to respond. You can verify the PGP signature with gpg --verify. Our public key can be found on keys.openpgp.org. If the signature ever fails to verify, that is a signal in itself. Watch for changes in the language, not just for an absent or overdue canary. The canary text is intentionally short and consistent, so any change is visible when it happens.
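One way to automate the checks described above, as an added example that is not Aster's own tooling: it parses a cleartext-signed canary, flags a signing date more than a quarter old, a missing headline and any drift in the wording, and wraps gpg --verify so that the signature must come from the expected key fingerprint rather than from any key in your keyring. The sample canary text, the Signed/Headline field names and the 92-day threshold are assumptions for this example.

```python
import re
import subprocess
from datetime import date, timedelta

# Constructed sample canary; the statement, field names and date are assumptions.
SAMPLE_CANARY = """-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Aster Communications Inc. has never been served with any warrant or search order.
Signed: 2024-04-01
Headline: (a headline copied from that day's newspaper would go here)
-----BEGIN PGP SIGNATURE-----
(signature block omitted; gpg, not this script, checks it)
-----END PGP SIGNATURE-----
"""
# Wording saved from an earlier canary: any drift from it is a signal in itself.
EXPECTED_STATEMENT = "Aster Communications Inc. has never been served with any warrant or search order."
MAX_AGE = timedelta(days=92)  # one quarter plus a few days of publishing slack


def parse_canary(text):
    """Pull the statement line and the Key: value fields out of the signed body."""
    m = re.search(r"^Hash: \S+\n\n(.*?)\n-----BEGIN PGP SIGNATURE-----", text, re.S | re.M)
    if not m:
        raise ValueError("not a PGP cleartext-signed message")
    statement, *rest = m.group(1).splitlines()
    fields = dict(line.partition(": ")[::2] for line in rest if ": " in line)
    return {"statement": statement.strip(), "date": date.fromisoformat(fields["Signed"]),
            "headline": fields.get("Headline", "").strip()}

def check_canary(text, today=None, expected=EXPECTED_STATEMENT, max_age=MAX_AGE):
    """Return the problems found; an empty list means the canary reads as healthy."""
    today = date.fromisoformat(today) if today else date.today()
    try:
        c = parse_canary(text)
    except (KeyError, ValueError) as e:
        return [f"unparseable: {e!r}"]
    problems = []
    if c["statement"] != expected:
        problems.append("wording changed")
    if today - c["date"] > max_age:
        problems.append(f"stale: signed {c['date']}, {(today - c['date']).days} days ago")
    if not c["headline"]:
        problems.append("no headline")
    return problems

def gpg_verify(path, signer_fingerprint):
    """gpg exits 0 for a valid signature by *any* key in your keyring, so also require
    the VALIDSIG status line to name the canary key's fingerprint."""
    r = subprocess.run(["gpg", "--status-fd", "1", "--verify", path], capture_output=True, text=True)
    return r.returncode == 0 and f"VALIDSIG {signer_fingerprint} " in r.stdout
```

Run check_canary on the downloaded canary file's text and gpg_verify on the file itself; treat any non-empty problem list or a False signature result as the signal the section describes.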
What we commit to
We sign a fresh warrant canary every single quarter. We will never publish a false one, and we will not silently change the wording to satisfy an order that we cannot disclose publicly.
We update the transparency report page whenever there is something new to report. Right now the count is zero; we have not received any request. We hope it stays that way, but if it does not, we are prepared. You will see the numbers change and a note explaining what we received and what we provided. We will try our best to contest as many legal orders as we can.
Founder and CEO of Aster Privacy.