Why PIA doesn’t fly a warrant canary: it’s solving the wrong problem
Private Internet Access doesn’t have a warrant canary. That’s because warrant canaries alert somebody to damage that has already happened. The right way to go about the problem is to prevent the damage from happening in the first place.
At PIA, privacy is at the soul of what we do. Our business partners have occasionally been surprised when we say upfront that we’re in privacy first, business second – but that’s the passion we have. Making money is a matter of being able to continue pursuing the primary goal, privacy, on a sustainable basis.
Given this, we’re sometimes asked why we don’t fly warrant canaries on our web page: having a short statement designed to technically circumvent gag orders about what, when or where various authorities have legally coerced us to give up private information on our customers. A warrant canary can look like this:
“In 2014, this company did not receive any coercing legal request for private customer information.”
The idea is that if and when this statement disappears, it’s the equivalent of saying there were authorities grabbing what they wanted and preventing the company from talking about it – so what the company does, in order to circumvent the gag, is to remove the statement that it’s never happened.
This is going about the problem in the wrong way, when you’re a privacy company. The right way is to not have any collectable information in the first place.
A warrant canary is a little bit like a fire alarm going off. Great. You know there’s a fire. Now what do you do?
This is why at PIA, we have designed our operations to prevent this from happening in the first place. There are no logs. There is no identifying information that can be collected, regardless of the amount of force applied. There are several companies who claim they don’t log, but do anyway at the end of the day. In contrast, we have public court records to prove we don’t log anything, available for anyone to read (pages 11-12):
“All of the responses from 1&1, Facebook, Twitter, and Tracfone have been traced back by IP address to … privateinternetaccess.com. […] A subpoena was sent […] and the only information they could provide is that the cluster of IP addresses being used was from the east coast of the United States. However, [PIA] did provide that they accept payment for their services with a vendor company of Stripe and/or Amazon. They also accept forms of payment online through paypal, bitpay, bitcoin, cashyou, ripple, ok pay, and pay garden.”
The actual court record looks like this, with this passage divided across a page break:
So with nothing logged that can identify our users, and public court records to show for it, the question remains what to do if PIA is coerced into logging – or rather, if authorities try to coerce PIA into something like that, such as was the case with Yahoo recently, when the NSA had forced it into spying on its own users.
There is a precedent for this, and it is Lavabit choosing to shut down operations instead of selling out its users (specifically, selling out Edward Snowden). That’s also exactly what Private Internet Access has already done once, when Russia demanded that we start logging our users’ identities, after seizing PIA servers.
Our response was to immediately shut down operations in Russia:
The Russian Government has passed a new law that mandates that every provider must log all Russian internet traffic for up to a year […] Upon learning of the above, we immediately discontinued our Russian gateways and will no longer be doing business in the region.
And this, in summary, is why Private Internet Access doesn’t use warrant canaries.