Failure to publish a warrant canary may constitute contempt of court, but has never been forced as far as we know. The following excerpt also talks about the PGP key which u/Drewski talks about.

This is from the ProPrivacy.com website:

"Can a warrant canary be trusted? On the face of it, warrant canaries sound like a good idea. Many are not convinced, however, arguing that warrant canaries are little more that puff and smoke advertising with little to no real substance.

1. First Amendment protection for the use of warrant canaries is purely conjectural – it has never been tested in a court of law. It is very possible that a US court would rule that failure to update a warrant canary constitutes contempt of the legal requirement placed on an individual.

This is even more true outside the US, where people do not enjoy the explicit Constitutional rights afforded to US citizens. Australia is the first country to explicitly outlaw the use of warrant canaries, and other countries (such as the UK) are likely to follow soon.

1. A website can be easily be taken over by a government and false updates given. Securing a warrant canary with a PGP key is intended to protect against this, but a) how many people actually check these PGP keys?, and b) if a company owner can be compelled to compromise his or her service, they can also be compelled (or bribed) to hand over their PGP keys.

As Brett Max Kaufman, a lawyer at the American Civil Liberties Union, told the BBC,

"If the government asked a company to leave its warrant canary up (and therefore communicate something false to the public), the company would have the right to challenge any gag (under the First Amendment... or under certain provisions of the USA Freedom Act) in court. But if a court upheld the government's request... the public would be none the wiser, at least for some time. Indeed, that would be the entire objective from the government's perspective."

An individual who was quick enough might be able to destroy all copies of their PGP key (which will be stored in a variety of places so it that can be verified) before being forced to hand it over. This would allow an eagle-eyed observer to notice the missing signature if the company is forced to keep updating its warrant canary. There is still no way, however, for customers to know whether or not a key has not been destroyed.

Secure web storage firm SpiderOak makes a brave attempt to address this problem by having its warrant canary digitally signed by 3 different high ranking individuals within the company (who are presumably located in different geographical locations). This would certainly make coercing (or bribing) all signers more difficult (or expensive), but provides no cast-iron guarantees that this is the case and that they can all be trusted.

1. Even when warrant canaries are "triggered” (i.e. they are not updated in a timely manner), this is often ignored. A good example is Apple, which in 2014 removed its warrant canary from its latest transparency report. Despite this, it was widely argued that the removal probably did not mean that Apple had been forced to hand over data following secret government orders. This may or may not be true, but whatever the case, the incident was quickly forgotten and customers carried on trusting Apple as usual.

Another example is the missing warrant canary in Reddit’s 2015 transparency report. Despite some initial concern among a small subsection of Redditors, business on the Reddit forums has also since continued as usual."