Mhh, maybe we can regularly sign something that expires fast enough (a certificate basically) and link to it in the legal page? And when we're approached, it automatically expires and is not renewed. The additional benefit is that only the holder of the private key can renew it.
But that would mean we rely on users being able to verify signatures. Key rotation is simply the first thing that came into my mind when thinking about warrant canaries. But I would think anyone who cares about warrant canaries can be expected to know how to use gpg --verify?
Turns out the first commercial use of a warrant canary also used a digital signature:
The first commercial use of a warrant canary was by the US cloud storage provider rsync.net, which began publishing its canary in 2006. In addition to a digital signature, it provides a recent news headline as proof that the warrant canary was recently posted as well as mirroring the posting internationally.
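An added example of the expiring-signed-statement idea discussed above, using Go's standard-library Ed25519 instead of gpg so it runs offline; it is not code from this thread or from rsync.net. The `Canary` type, `Sign`/`Verify` functions and the statement text are assumptions made for the illustration; the headline field mirrors rsync.net's freshness trick quoted above.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
	"strings"
	"time"
)

// Canary is the statement the operator re-signs on a fixed cadence.
// Headline quotes recent news so the text cannot have been pre-signed long ago.
// NotAfter is the built-in expiry: if the operator stops renewing, the
// canary fails verification on its own without anyone having to say anything.
type Canary struct {
	Statement string
	Headline  string
	NotAfter  time.Time
}

// Message serialises the canary into the exact bytes that get signed,
// so the expiry date is covered by the signature and cannot be edited later.
func (c Canary) Message() []byte {
	return []byte(strings.Join([]string{c.Statement, c.Headline, c.NotAfter.UTC().Format(time.RFC3339)}, "\n"))
}

// Sign produces the detached signature the operator would publish next to the canary.
func Sign(priv ed25519.PrivateKey, c Canary) []byte {
	return ed25519.Sign(priv, c.Message())
}

// Verify is what a user runs: it accepts only a canary that carries a valid
// signature from the published key AND has not yet expired at time now.
func Verify(pub ed25519.PublicKey, c Canary, sig []byte, now time.Time) error {
	if !ed25519.Verify(pub, c.Message(), sig) {
		return errors.New("bad signature: statement was not signed by the canary key")
	}
	if now.After(c.NotAfter) {
		return errors.New("canary expired: it was not renewed in time")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // constructed key pair for the demo
	c := Canary{"No warrants received as of this date.", "(constructed headline)", time.Now().Add(7 * 24 * time.Hour)}
	sig := Sign(priv, c)
	fmt.Println("public key:", hex.EncodeToString(pub), "valid now:", Verify(pub, c, sig, time.Now()))
	fmt.Println("valid in 8 days:", Verify(pub, c, sig, time.Now().Add(8*24*time.Hour)))
}
```

Users only need the published public key and a copy of this verifier; a missing renewal shows up as an expiry error, and an edited statement or date as a signature error.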