02-25-2010, 06:39 PM
Here's what Microsoft will reveal to police about
I suppose some of this stuff is standard for any company providing ISP Services ...
February 25, 2010 - 11:53 A.M. |
Leaked Microsoft intelligence document: Here's what Microsoft will reveal to police about you
I've got my hands on a copy of the leaked, confidential Microsoft "Global Criminal Compliance Handbook," which details for police and intelligence services exactly what information Microsoft collects about users of its online services, and how they can be accessed. What is gathered and available about you is quite comprehensive, including your emails, detailed information about when you sign in and use the services, credit card information, and so on.
The handbook was first leaked by the whistleblowing site Cryptome. Microsoft asked that the document be removed from the site, under the Digital Millennium Copyright Act. The site was instead shut down, and as I write this, it is in the process of being restored.
The handbook is available at the Wikileaks site. That's where I got it, after unsuccessfully trying to get it via BitTorrent networks. In a statement, Microsoft said that it is no longer trying to have the document removed, so it may soon be available elsewhere.
The report, published in March 2008, is labeled "U.S. Domestic Version," which makes one wonder whether there's also a version available for U.S. agencies that operate primarily overseas and for foreign governments. But I don't know whether such a document exists. Also, the document may have been superseded by a later one, although I don't know that, either.
Quite a bit of information is available about XBox Live users. Here's what the document says can be gotten by police and intelligence officials: |
If your investigation involves a stolen Xbox console, if the console serial number or Xbox LIVE user gamertag is provided and the console has been connected to the Internet, IP connection records may be available
What records are retained and for how long?
Both registration and IP connection history records are retained for the life of the gamertag account. Because the volume of IP connection history records may be large, when possible please ask for the specific date range of records you are specifically interested in receiving. A full listing of retained records is below:
* Credit card number
* First/last name with zip code
* Serial number but only if box has been registered online. "Console ID" is better.
* Service request number from Xbox Hotline (e.g. SR 103xx-xx-xx)
* E-mail account (e.g. @msn.com, @hotmail.com or any other Windows Live ID account name)
* IP history for the lifetime of the gamertag (only one gamertag at a time)
Good old DCMA ....
| Microsoft retreats from demand that killed whistleblower site |
Never meant to knock Crytome.org offline, says Microsoft; whistleblower wants his day in court
Earlier this week, Microsoft demanded that Young remove the document from his site, citing the Digital Millennium Copyright Act (DMCA). When Young refused, his Internet provider shut down the site, and Network Solutions LLC, the registrar of Young's domain, put a "legal lock" on the domain name. That last move prevented him from transferring the URL to another Internet service provider.
Originally, Young had been told he had until today to remove the document from his site or face the consequences. Instead, his ISP pulled the plug and Network Solutions locked the domain name a day early, forcing him to scramble Wednesday to find a temporary home for his site. (I think I would be Looking for an Over Seas Web Host after this or certainly a Domain Registrar somewhere besides Net Sol ... they suck)
Today, Network Solutions unlocked the domain and restored the site. Cryptome.org returned to the Web shortly before 3 p.m. Eastern time.
"We removed the legal lock as soon as we received the notification from Microsoft that they withdrew their [DMCA]-based complaint," said Susan Wade, a spokeswoman for Network Solutions.
Prior to Microsoft's turnabout, Young remained combative, effectively daring the company to fight. "We really want this to go to court," he said in a telephone interview early today. "The DMCA needs to be modified, because it's catching a lot of innocent people in its net."
The DMCA, Young argued, makes it much too easy for large companies like Microsoft to demand, and get, cooperation from Internet providers and domain registrars like Network Solutions when the issue is not actually copyright-related but more in the confidentiality arena. "This is an abuse of the copyright law," Young maintained, adding that it wasn't Congress's intent to let companies use the DMCA to quash leaked information. "We want to go to court so [Congress] comes out with a better version [of the DMCA]."
Last edited by EmptyTimCup; 02-25-2010 at 06:48 PM.
[ Reply w/Quote ]