What is a Canary Trap?
A method for identifying information leaks by providing slightly different versions of sensitive information to each suspected source.
A canary trap (also called a barium meal) identifies who leaked information by making each copy unique.
How It Works
- Create multiple versions of a document with subtle differences
- Give each version to a different person
- If the information leaks, the unique differences identify the source
Digital Variants
- Invisible differences: Vary whitespace, synonym choices, or sentence structure
- Steganographic watermarks: Embed invisible identifiers in documents or images
- Unique URLs: Give each person a different link to the same content
- Font-based encoding: Use barely different fonts to encode recipient identity
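Added example (not part of the original page): the synonym-choice variant in Python, producing one uniquely worded copy per recipient and then attributing a leaked text, including an excerpt that shows only some of the differences. The template text, recipient names and function names are constructed for illustration.

```python
# Added example: synonym-based canary trap. All text and names are constructed.
TEMPLATE = ("The merger will {0} in the third quarter. Staff will be {1} "
            "once the board {2} the plan, and the {3} budget is final.")
# Each slot has two interchangeable wordings; the choice encodes one bit.
SLOTS = [("close", "complete"), ("notified", "informed"),
         ("approves", "signs off on"), ("revised", "updated")]


def make_copies(recipients):
    """Return {name: (bits, text)}; recipient number i gets the binary digits of i."""
    if len(recipients) > 2 ** len(SLOTS):
        raise ValueError("too few slots to give every recipient a unique copy")
    copies = {}
    for i, name in enumerate(recipients):
        bits = [(i >> s) & 1 for s in range(len(SLOTS))]
        words = [SLOTS[s][b] for s, b in enumerate(bits)]
        copies[name] = (bits, TEMPLATE.format(*words))
    return copies


def identify(leak, copies):
    """Return the recipients whose copy matches every slot visible in the leak.

    A partial or paraphrased leak shows fewer slots, so several names may remain.
    """
    observed = {}
    for s, (first, second) in enumerate(SLOTS):
        saw_first, saw_second = first in leak, second in leak
        if saw_first != saw_second:  # exactly one wording present
            observed[s] = 0 if saw_first else 1
    return sorted(name for name, (bits, _) in copies.items()
                  if all(bits[s] == value for s, value in observed.items()))


if __name__ == "__main__":
    copies = make_copies(["alice", "bob", "carol", "dave"])
    print(identify(copies["carol"][1], copies))            # full copy leaked
    excerpt = "Staff will be informed once the board approves the plan"
    print(identify(excerpt, copies))                        # excerpt only
```

The excerpt leaves two candidates because the slots that separate them are not in the leaked passage; spreading the differences throughout the document reduces that ambiguity.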
Historical Use
- Tom Clancy popularized the term in "Patriot Games"
- Intelligence agencies have used the technique for decades
- Modern corporate leak investigations use digital canary traps
Defense
If you suspect a canary trap, compare your version with someone else's. Differences indicate embedded identifiers. Retype or screenshot content rather than sharing the original document.
Related Terms
Operational Security
The practice of protecting sensitive information by thinking like an adversary to identify vulnerabilities in your own behavior and communications. OPSEC goes beyond technical tools to address human factors that could expose you.
Warrant Canary
A method by which a service provider can inform users that they have NOT received a secret government subpoena. If the canary statement is removed or not updated, it signals that the provider may have received such an order and is legally prevented from disclosing it.