Posts tagged phone numbers
Confidential guidelines telling police how to access Facebook, Microsoft, Blizzard, and AOL user accounts have appeared online this week.
The files, known colloquially as law enforcement guidelines, typically tell police what types of user data are stored, how long they’re retained, and what procedures to use to gain access to them.
A few types of requests–for e-mail less than 180 days old, for instance–tend to require search warrants. In general, basic subscriber information can be disclosed with a subpoena, and a court order is required for more extensive information (whether that’s sufficient is the subject of ongoing litigation in the Twitter-WikiLeaks case).
Here are some highlights from each company’s policies:
Blizzard:Logs of Internet Protocol addresses are kept “indefinitely,” according to the company behind World of Warcraft. Sent mail is not retained. Deleted mail messages are not retained.Facebook: An earlier version of the company’s manual from 2008 said that “IP log data is generally retained for 90 days.” That statement is missing from the newly-released 2010 version, indicating that Facebook now may store data longer (a company spokesman did not respond to that question).
Microsoft/MSN: Hotmail IP logs are kept for 60 days. MSN TV’s Web site logs are kept for 13 days. No logs are kept for conversations taking place through MSN chat rooms and MSN instant messenger. The leaked document is from April 2005, though, and may be out of date.
AOL: IP logs for the AIM and ICQ messaging services are stored for up to 90 days. Customer logs are kept for 6 months. All AOL e-mail, including from portals such as AOL.ca, AOL.fr, and AOL.mx, is stored in its Northern Virginia data center.
The AOL, Blizzard, and Microsoft manuals were leaked as part of a recent data dump from Anonymous. The 2010 Facebook manual was posted by PublicIntelligence.net, a WikiLeaks-like effort that describes itself as an “international, collaborative research project.”
By far the most extensive collection of not-meant-for-the-public law enforcement guidelines has been assembled by John Young, a retired architect who runs the Cryptome.org document repository from his Manhattan flat.
After its law enforcement manuals for Windows appeared on Cryptome last year, Microsoft has attempted to remove it from the Internet using the Digital Millennium Copyright Act. The DMCA complaint was withdrawn a few days later. (See a related CNET Q&A with Young.)
A House of Representatives panel voted in July to require Internet providers to store customers’ names, addresses, phone numbers, credit card numbers, bank account numbers, and temporarily-assigned IP addresses. Previous Justice Department proposals envisioned forcing social networking sites to keep records for a few years of who uploads which photographs or videos.
In what may or may not be a coincidence, Facebook plans to post the 2011 law enforcement guide in its help center by the end of the day.
Source: http://www.prisonplanet.com 7/25/2011
Privacy busting legislation a “stalking horse for a massive expansion of federal power”
Legislation that will force Internet providers to store information on all their customers and share it with the federal government and law enforcement agencies was significantly beefed at the last minute yesterday and approved by a U.S. House of Representatives committee.
Under the guise of protecting children from internet pornographers, the House Judiciary committee voted 19-10 to approve a bill that will require Internet Service Providers to store temporarily assigned IP addresses for future government use.
In addition, the bill was re-written yesterday to also include the enforced retention of customers’ names, addresses, phone numbers, credit card numbers and bank account numbers.
As Declan McCullagh of CNet reports, the panel rejected an amendment that would have clarified that only IP addresses must be stored.
“The bill is mislabeled,” said Rep. John Conyers of Michigan, the senior Democrat on the panel. “This is not protecting children from Internet pornography. It’s creating a database for everybody in this country for a lot of other purposes.”
It represents “a data bank of every digital act by every American” that would “let us find out where every single American visited Web sites,” said Rep. Zoe Lofgren, who led Democratic opposition to the bill. The Californian Representative described the legislation as a “mess of a bill” and a “stalking horse for a massive expansion of federal power”.
Rep. Darrell Issa, R-Calif., noted that the bill would open a Pandora’s box of government abuse.
“This is not about child porn. It never has been and never will be,” Issa said. “This is a convenient way for law enforcement to get what they couldn’t get in the PATRIOT Act.”
Advocates for the legislation include the National Sheriffs’ Association, which has said it “strongly supports” mandatory data retention. The bill has also attracted endorsements from the National Center for Missing and Exploited Children, as well as the FBI.
In a last ditch effort to derail the bill, the ACLU, along with dozens of other privacy watchdog groups penned a letter (PDF) to House Judiciary Committee Chairman Lamar Smith earlier this week, noting that “any data retention mandate is a direct assault on bedrock privacy principles.”
“The data retention mandate in this bill would treat every Internet user like a criminal and threaten the online privacy and free speech rights of every American, as lawmakers on both sides of the aisle have recognized,” Senior Staff Attorney Kevin Bankston of the Electronic Frontier Foundation said.