Has the US forced Reddit to secretly hand over user data?
Disappearance of "warrant canary" seen as tacit admission of government data request

Reddit users may no longer be safe from government spying.
The message forum site has removed a "warrant canary" from its latest transparency report, suggesting it has now received at least one classified request for user data.
National security letters and Foreign Intelligence Surveillance Act requests come to companies in secret requests for users' information, and the nature of these requests is such that companies are forbidden from even saying they have received them.
The "warrant canary"
Reddit got around that last year by including a "warrant canary" for its Transparency Report 2014, that read: "As of January 29, 2015, reddit has never received a National Security Letter, an order under the Foreign Intelligence Surveillance Act, or any other classified request for user information. If we ever receive such a request, we would seek to let the public know it existed."
The idea works as a tacit admission, if the statement ever disappeared from future reports, that Reddit had received such a request.
After releasing its Transparency Report 2015 yesterday, one user spotted that the statement was no longer included.
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
This led Reddit admin Spez to say: "Even with the canaries, we're treading a fine line. The whole thing is icky, which is why we joined Twitter in pushing back."
Twitter is suing the US Department of Justice for a violation of free speech in an ongoing court case, after the department prevented the tech giant from revealing how many secret requests for user data it receives.
Reddit's apparent admission comes after data protection campaigner Max Schrems sued Facebook over allegedly transferring EU citizens' data to the NSA, something Facebook denied.
The court case eventually led to the European Court of Justice scrapping the Safe Harbour agreement in October 2015, saying it could not be relied upon to protect EU data transferred to the US.
A replacement agreement dubbed Privacy Shield is currently being considered by various parts of the EU.
-
Helping customers adopt a multi-cloud infrastructure and accelerate their modernization journey
Sponsored Content We outline what shifting to a subscription model means for your business
-
UK firms are 'sleepwalking' into smart building cyber threats
News The convergence of operational technology and IT systems is posing serious risks for property firms.
-
EU and US reach agreement on Privacy Shield replacement
News Privacy campaigner Max Schrems suggests the deal amounts to a "patchwork approach" that will ultimately fail
-
Zoom is no longer compatible with GDPR, Hamburg data watchdog claims
News Regulator claims city officials are using a "legally highly problematic system"
-
Microsoft promises to challenge all government requests for customer data
News Stance taken following EU advice to firms on complying with a ruling invalidating the EU-US data transfer mechanism
-
European court invalidates primary EU-US data transfer mechanism
News Privacy Shield ruled to be incompatible with GDPR in landmark case
-
What is EU-US Privacy Shield?
In-depth A look at the now invalidated framework US companies relied on to transfer data to and from the European Union
-
Privacy Shield should be suspended, say MEPs
News Committee cites Cambridge Analytica scandal and CLOUD Act as obstacles
-
EU seeks Privacy Shield changes in its first annual review
News Proposals include tougher rules around non-compliance and greater cooperation between US and EU authorities
-
Safe Harbour replaced with EU-US Privacy Shield
News The new agreement may take effect from July if both parties agree on its directions