When Apple published its first Transparency Report on government activity in late 2013, the document contained an important footnote that stated:
“Apple has never received an order under Section 215 of the USA Patriot Act. We would expect to challenge such an order if served on us.”
Writer and cyber-activist Cory Doctorow at the time recognized that language as a so-called “warrant canary,” which [company]Apple[/company] was using to thwart the secrecy imposed by the Patriot Act.
Warrant canaries are a tool used by companies and publishers to signify to their users that, so far, they have not been subject to a given type of law enforcement request such as a secret subpoena. If the canary disappears, then it is likely the situation has changed — and the company has been subject to such request.
Now, Apple’s warrant canary has disappeared. A review of the company’s last two Transparency Reports, covering the second half of 2013 and the first six months of 2014, shows that the “canary” language is no longer there.
The warrant canary’s disappearance is significant because Section 215 of the Patriot Act permits the [company]National Security Agency[/company] to demand companies to hand over their business records in secret.
The Patriot Act tool is also controversial because the NSA gains permission to use it by applying to the FISA Court, a body where only the government can speak and whose records are kept almost entirely secret. The tech industry has been battling to disclose the existence of so-called “FISA requests” and only won the right to do so this year; however, companies must wait six months to disclose the number of requests they receive, and can only do so as a range (such as “0-999”).
The disappearance of Apple’s warrant canary thus suggests that the company too is affected by FISA proceedings. Apple did not immediately respond to an email request for comment.
Update: As the ACLU’s Christopher Soghoian has noted, Apple’s latest report says it has not received any orders for “bulk data.” That language, however, appears in the National Security Letter section of the document (NSL letters concern domestic FBI requests, not FISA requests) and, in any event, not all FISA requests concern bulk data.
Meanwhile, as stated above, Apple is newly silent in regard to Section 215, the law that covers the FISA requests whose existence is subject to temporary non-disclosure rules. The upshot is that it is unclear if Apple has not received any FISA requests, or if it is under a gag order not to disclose such requests.
Update 2: Ars Technica suggests that the disappearance of the warrant canary is a result of Apple following new Justice Department guidelines that permit companies to immediately publish ranges of surveillance requests — so long as the figure reflects a combined number of FISA requests and NSL requests. In other words, Apple may have received NSL requests, but not FISA ones (that does not necessarily explain, however, its decision to remove the section 215 language).
This story was updated at 3pm ET to note the “bulk data” comment, and at 5:30pm ET to note the Justice Department guidelines. This story was corrected at 9:50pm to remove a sentence suggesting that section 215 of the Patriot Act was the legal basis for the NSA’s secret data collection program known as PRISM; that program was based on a different law.