Hackers are bad at thinking "oh, I'll just not not not not do the thing, and it will all be okay, I'm so clever." They imagine they are Captain Kirk talking a computer to death. No one has ever been as smart as them!
We wouldn't let a CEO route around insider trading laws with a "I don't say this is a good time to buy my stock" canary. We wouldn't let a prosecutor under orders not to discuss a case with the public get away with it by selectively deleting a series of canaries.
Given that Reddit has exercised their warrant canary already and other big companies have them, apparently actual lawyers think it's a valid strategy.
In any case, I think that you may be able to play chicken with them over warrant canaries, since the people who use NSLs probably aren't interested in giving anyone standing to challenge them in court.
Again: if you are told not to communicate something, you don't communicate it. How come the CEOs who try all sorts of crazy things to work around insider trading haven't tried this?
Given that Reddit has exercised their warrant canary already and other big companies have them, apparently actual lawyers think it's a valid strategy.
You have no idea what is going on with Reddit or Apple. I know the EFF is eager to get people to sacrifice themselves on this altar. That says more about the EFF than about the state of law.
I think being put under a security order you can't discuss is a serious liberty problem. It doesn't follow that some crazy scheme is the right reply.
Legal opinions vary on this subject. Some feel (as you apparently do) that an order not to reveal the receipt of a NSL would require someone to leave a "warrant canary" in place. Others[1] feel that the US legal system does not permit the government to require someone to lie. The only way to find out for sure is for the government to prosecute someone for deleting a warrant canary[2] and either succeed or fail. This has never happened.
Your basic point that "the judicial system isn't stupid, and you can't just violate the rules but with a squirrelly definition and expect to get away with it" is true in general. Your example of insider trading laws is correct. But there are reasonable arguments that a warrant canary is a legitimate legal tactic.
[1] For example, https://www.eff.org/deeplinks/2014/04/warrant-canary-faq
[2] Or to make enough of a threat to do so that the person has standing for a declarative judgement.
So you don't leave a canary in place, it just expires and you don't put up a new one.
When were National Security Letters with gag orders prohibiting disclosure tested for constitutionality, in cases when the gag orders are violated and the government wants to punish somebody for disclosure?
Still, canaries are a bit complex. You obviously can't prove why one was taken down, because you can't speak about it.
People floated the idea of using long "canary lists" of different things ("haven't received more than one request for user data", "haven't received more than two requests", etc), but there's suspicion that it wouldn't be legal because it would count as revealing specific facts (and you could perhaps be compelled to remove all of them at once). As is, they don't seem to have been rejected or broken, but they have to take the form of one-and-done notices that something happened.
