(Header image by Doug Thompson)
In the United Kingdom, existing and proposed laws provide for secret warrants allowing the interception and seizure of your electronic data. These warrants are authorised by a single political post, the Secretary of State, without involving the Judiciary in any meaningful way.
Some of these laws contain provisions that make the disclosure of the existence of a warrant a criminal offence, meaning that we could not inform you of something that would significantly affect the users of Nimbox’s services.
We believe, as does civil society at large, that bypassing our Judges and handing this immense power to a single, largely unaccountable politician, is a gross insult to our democracy.
We’re very open about being a law-abiding company, and as such we comply with legal requests that are in the letter and spirit of the law. But, we will not be passive when a government is eroding the liberties of its citizens.
Because of this, Nimbox’s Warrant Canary is born.
What is a Warrant Canary?
A Warrant Canary is a regularly published (and verifiable) statement that a service provider has not received a legal order that it must hide from you, such as a RIPA Interception of Communications warrant.
Nimbox will publish, along with its Transparency Report, an updated Warrant Canary each quarter, declaring that we have not been ordered to spy on our users.
As long as our Canary continues to exist and be updated, users can surmise that we haven’t received a secret warrant. You should take special note if these messages cease to be updated, or are removed entirely.
The content of our Canary
Our Warrant Canary will declare that as of the publishing date, no warrants have been served, nor have any searches and seizures of our assets taken place.
It will also contain a ‘cut and paste’ headline from a major news establishment, certifying a date. This news headline proves that we could not have created a series of declarations in advance.
The warrant canary process is far from infallible, however by signing this file with our PGP key we can prove that no third-party has forged a declaration. This does not prevent somebody from using force to coerce us into producing a false declaration.
Verifying our Canary
You can find our public key here.
Tracking our Canary, and its updates