Microsoft demands take-down of leaked "spy guide"

Whistleblowing site Cryptome has landed itself in trouble with Microsoft legal for publishing the software company's “Global Criminal Compliance Handbook.”

The handbook, dated March 2008, is a 22-page guide that describes the surveillance services Microsoft offers to law enforcement officials for its online services including Hotmail, Live Messenger and Xbox LIVE. The services include IP address disclosure, e-mail account registration records, stored e-mail records, account access records and in the case of Windows Live Spaces, owner (creator) information. For Xbox LIVE Microsoft retains the following:

  • Gamertag
  • Credit card number
  • Phone number
  • First/last name with zip code
  • Serial number of Xbox console if it has been used on Xbox LIVE
  • Email account
  • IP history for the lifetime of the gamertag

The document provides a unique insight into how personal data is provided to the relevant authorities. According to Geekosystem.com, who originally reported the leak, Cryptome have been taken offline by their host - Network Solutions. Microsoft reportedly sent a DMCA request to the hosts to remove the content. Cryptome is now inaccessible and fellow whistleblower site Wikileaks has offered to host the document. "We will host Cryptome on our multi-jurisdictional network-outside the US-if required,” said a Wikileaks spokesperson.

The case mirrors a similar leak where Microsoft's secret Computer Online Forensic Evidence Extractor (COFEE) leaked online in November 2009. COFEE is a forensics tool, approximately 15MB in size that fits on a USB drive for law enforcement officials to use in PC forensics.

Microsoft officials were unavailable for comment at the time of writing.

Update: Microsoft have now issued a statement:

“Like all service providers, Microsoft must respond to lawful requests from law enforcement agencies to provide information related to criminal investigations.  We take our responsibility to protect our customers privacy very seriously, so have specific guidelines that we use when responding to law enforcement requests. In this case, we did not ask that this site be taken down, only that Microsoft copyrighted content be removed. We are requesting to have the site restored and are no longer seeking the document’s removal.”  

Report a problem with article
Previous Story

TechSpot: ATI Radeon HD 5830 Review

Next Story

Virgin Media to offer 100Mb broadband by end of the year [UK]

36 Comments

Commenting is disabled on this article.

I think if it is deemed necessary the government can get hold of any information it is possible to get hold of.Why does everyone think that it would be public knowledge?
U can't be saying that nothing like this is done if it is 'illegal' or against the data protection act.I don't think most people are that naive.

Has anyone ever looked at a license agreement. You know then huge document of legal speak that you have to agree or disagree with. Check out the section on Privacy. Pretty standard if you ask me.

You guys do realise there are legal requirements on how long you HAVE TO keep data right. Here at work we have to keep data legally for something like 7 years or something like that .

So why get upset at microsoft for a document that just outlines what they have to do by law and how to supply the needed info to the government?

ALL your info is saved online no matter what company you use.

FYI, SO when "the PRO" doucha bag MS xbox live employee said he could and would ban EVERY IP address and every xbox you've ever played on he wasn't joking. Ever IP ever used or played from is recorded for the live of your account?

From Doc above:
What records are retained and for how long? Both registration and IP connection history records are retained for the life of the gamertag account. Because the volume of IP connection history records may be large, when possible please ask for the specific date range of records you are specifically interested in receiving. A full listing of retained records is below:
ï‚· Gamertag
ï‚· Credit card number
ï‚· Phone number
ï‚· First/last name with zip code

You guys do realize, seeing the nature document, there's probably some legal REQUIREMENT that they try to protect this information...right? So them doing takedown notices is probably them covering their bases and saying "yes, it was leaked, we did what we could to take it down, it's still out there."

It's the good old Jack Boot Microsoft from the late 1980's and 1990's again. It would be interesting to know if Microsoft was doing it at the behest of the Government. This somewhat dull, irrelevant document hardly warranted all the effort or excitement, especially as once leaked, it would be far more read. Crytome had other stuff that was far more interesting.

My guess is, there is a hidden agenda here, but as I've left my tin-foil hat at home today...

boho said,
It would be interesting to know if Microsoft was doing it at the behest of the Government.
Doing *what* at the behest of the government? This is something required of them by law, which is obviously something you do at the "behest" of the government ... but I'm hoping you didn't mean this, otherwise it was an utterly pointless comment.

Just so you know, every company that provides a big online service has these documents, and its the law enforcement that doesn't want them getting out, not the companies... we've been told ourselves at work to keep our document "private"

It would be interesting to be a fly on the wall at MS to hear the discussions over this ... it well may turn out its law enforcement agencies who are more unhappy with the document being posted than MS themselves.

After all, anyone reasonably clued up on email usage would probably expect there to be such guidelines as in the 'spy' document on how email and other data could be accessed by law enforcement when needed (stating the obvious really) but its quite another thing for all that to be out in the public domain, sort of reminding those who may well have something to hide, they are being watched or could be tracked down.

This isn't exactly something I am surprised at. The whole Data Protection and coupled with Freedom of Information (in the UK) means that anyone can request information, digital if necessary, at a cost. Plus once data is seen to be in breach of the law and needs to be used in criminal investigations or convictions, a threat to national security or terrorism, all privacy goes out the windows (pun intended)!

badblood said,
This isn't exactly something I am surprised at. The whole Data Protection and coupled with Freedom of Information (in the UK) means that anyone can request information, digital if necessary, at a cost. Plus once data is seen to be in breach of the law and needs to be used in criminal investigations or convictions, a threat to national security or terrorism, all privacy goes out the windows (pun intended)!

The document is just information what they can give if the police/FBI or whoever come with a warrant and demand information about a certain user. It's that or the police/FBI come and remove the servers themselves and get the information like that. All servers in the US or any country that requires by law that anyone with a server has to comply and give any information to the authorities if needed.

If people are going to go around and say that Microsoft is as bad as Google, then they are wrong since Google will have to do the same thing.

One more thing as well is that if you have nothing to hide, you have nothing to worry about.

Tony. said,

One more thing as well is that if you have nothing to hide, you have nothing to worry about.

Not an argument that works well in today's world.

One more thing as well is that if you have nothing to hide, you have nothing to worry about.
[/quote]

One of the dumbest lines I have ever read. Why do people find it necessary to quote such BS.

rageagainstmachine said,
Pretty boring read tbh. Dont know why MS ar so upset!
I agree. It's nothing out of the ordinary or notable in those docs.

rageagainstmachine said,
Pretty boring read tbh. Dont know why MS ar so upset!
The only thing of interest is that the information kept doesn't seem to have a privacy expiration. The lifetime IP address info was unexpected. I would have thought a year, maybe two.

Why should we not know this? We already know the NSA and MI5 are given back doors to our systems, and any encrypted documents/devices, so why not fully disclose what else they have access too?

TonyLock said,
Why should we not know this? We already know the NSA and MI5 are given back doors to our systems, and any encrypted documents/devices, so why not fully disclose what else they have access too?

Urgh.

TonyLock said,
Why should we not know this? We already know the NSA and MI5 are given back doors to our systems, and any encrypted documents/devices, so why not fully disclose what else they have access too?

Haha, this comment is epic. You SO haven't read that guide before making your comment. The leaked document details what kind of information the police can expect to get, given that they have a warrant. Stuff like IP addresses, nothing overwhelming. Nothing "how to gain access to computers via backdoors", haha.

And since it was even leaked and not released willingly, that throws any conspiracy theory like yours out the window. MS didn't want this to be released, but it STILL doesn't contain anything about backdoors.

Edited by Northgrove, Feb 25 2010, 9:36am :

TonyLock said,
Why should we not know this? We already know the NSA and MI5 are given back doors to our systems, and any encrypted documents/devices, so why not fully disclose what else they have access too?

Yawn.... Another troll.
Probably another zealot/fanatic.

TonyLock said,
Why should we not know this? We already know the NSA and MI5 are given back doors to our systems, and any encrypted documents/devices, so why not fully disclose what else they have access too?

You know, if that was true, then why do they try so hard to get your encryption passwords when you have something they want to see? They could just decrypt it with their master keys if they had them right?...... Tin foil hats for all

neufuse said,

You know, if that was true, then why do they try so hard to get your encryption passwords when you have something they want to see? They could just decrypt it with their master keys if they had them right?...... Tin foil hats for all

LOL

TonyLock said,
Why should we not know this? We already know the NSA and MI5 are given back doors to our systems, and any encrypted documents/devices, so why not fully disclose what else they have access too?

Oh, sweetie... Put that foil hat back on. It'll make you feel a lot better, and believe me, it's going to be a whole lot easier composing your conspiracy theories on your Macbook while sipping that organic soy milk if you can concentrate!

neufuse said,

You know, if that was true, then why do they try so hard to get your encryption passwords when you have something they want to see? They could just decrypt it with their master keys if they had them right?...... Tin foil hats for all

Well put!

neufuse said,

You know, if that was true, then why do they try so hard to get your encryption passwords when you have something they want to see? They could just decrypt it with their master keys if they had them right?...... Tin foil hats for all

They don't have the keys for third party encryption and hardware.