The typical canary contains a signed timestamp. Generally, the US does differentiate between forbidding an action (“do not remove your canary”) and compelling an action (“update your canary with a new timestamp” or “disclose the pass phrase for the signing key”).
I’m no expert, and I’m sure there are nuances, but the broad strokes behind the design of these canaries are that it’s harder for the government to compel an action than to forbid one.
I’m no expert, and I’m sure there are nuances, but the broad strokes behind the design of these canaries are that it’s harder for the government to compel an action than to forbid one.