Has the US forced Reddit to secretly hand over user data?

Disappearance of "warrant canary" seen as tacit admission of government data request

Reddit users may no longer be safe from government spying.

The message forum site has removed a "warrant canary" from its latest transparency report, suggesting it has now received at least one classified request for user data.

National security letters and Foreign Intelligence Surveillance Act requests come to companies in secret requests for users' information, and the nature of these requests is such that companies are forbidden from even saying they have received them.

The "warrant canary"

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Reddit got around that last year by including a "warrant canary" for its Transparency Report 2014, that read: "As of January 29, 2015, reddit has never received a National Security Letter, an order under the Foreign Intelligence Surveillance Act, or any other classified request for user information. If we ever receive such a request, we would seek to let the public know it existed."

The idea works as a tacit admission, if the statement ever disappeared from future reports, that Reddit had received such a request.

After releasing its Transparency Report 2015 yesterday, one user spotted that the statement was no longer included.

This led Reddit admin Spez to say: "Even with the canaries, we're treading a fine line. The whole thing is icky, which is why we joined Twitter in pushing back."

Twitter is suing the US Department of Justice for a violation of free speech in an ongoing court case, after the department prevented the tech giant from revealing how many secret requests for user data it receives.

Reddit's apparent admission comes after data protection campaigner Max Schrems sued Facebook over allegedly transferring EU citizens' data to the NSA, something Facebook denied.

Advertisement - Article continues below

The court case eventually led to the European Court of Justice scrapping the Safe Harbour agreement in October 2015, saying it could not be relied upon to protect EU data transferred to the US. 

A replacement agreement dubbed Privacy Shield is currently being considered by various parts of the EU.

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now
Advertisement

Recommended

Visit/data-insights/data-management/354423/eu-us-data-transfer-tools-used-by-facebook-ruled-legal
data management

EU-US data transfer tools used by Facebook ruled legal

19 Dec 2019
Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019
Visit/backup/33385/arcserve-udp-9240dr-review-beef-up-your-backups
backup

Arcserve UDP 9240DR review: Beef up your backups

4 Apr 2019

Most Popular

Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Visit/microsoft-windows/32066/what-to-do-if-youre-still-running-windows-7
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020
Visit/policy-legislation/general-data-protection-regulation-gdpr/354577/data-protection-fines-hit-ps100m
General Data Protection Regulation (GDPR)

Data protection fines hit £100m during first 18 months of GDPR

20 Jan 2020