Microsoft’s Rules for Law Enforcement Set Free

A government watchdog site had its Internet domain restored, thanks to Microsoft, a day after the site’s ISP shut it down for publishing a Microsoft handbook on how the company deals with law enforcement requests.

Microsoft (NASDAQ: MSFT) had demanded that the site — — take down a 22-page document named “Microsoft Online Services Global Criminal Compliance Handbook” as a violation of the Digital Millennium Copyright Act (DMCA).

Wednesday, the site’s ISP, Network Solutions, blocked access to Cryptome’s site due to Microsoft’s complaint. The site briefly relocated and several mirror sites were put up around the Web so that the document, and thousands of others, remained available for viewing.

Thursday, however, the software titan dropped its complaint and Network Solutions restored access to Cryptome’s servers.

“We did not ask that this site be taken down, only that Microsoft copyrighted content be removed. We are requesting to have the site restored and are no longer seeking the document’s removal,” a Microsoft spokesperson said in a statement e-mailed to

The document itself, which is dated March 2008, may be a revelation for many users, who didn’t realize how much information Microsoft will actually provide to law enforcement on request under applicable laws. The document is marked “Microsoft Confidential For Law Enforcement Use Only” at the bottom of each page.

“Like all service providers, Microsoft must respond to lawful requests from law enforcement agencies to provide information related to criminal investigations. We take our responsibility to protect our customers’ privacy very seriously, so have specific guidelines that we use when responding to law enforcement requests,” the spokesperson said.

Besides basic account data, for instance, if a user leaves e-mails on a Microsoft server, those may be made available to law enforcement. However, messages deleted from the mail server but maintained on the user’s PC would not be available via Microsoft, the document points out.

According to the handbook, other information that’s available regards Microsoft services including Windows Live ID data, Hotmail, and Windows Live Messenger messages.

Providing information on social network activity

The company may also provide information on social networking services such as Windows Live Spaces and MSN Groups. That can include “any and all subscriber information” as well as content, photos, blogs, and lists. Other areas include custom domains and Office Live services such as Live Small Business and Live Workspace. Storage is also covered, including the Live SkyDrive service.

For gamers 13 and older, there is also information on Xbox and Xbox Live use. For instance, if a user’s Xbox 360 were stolen, law enforcement could request access to a slew of user information that might help identify the culprit. That can include the gamer’s tag, phone and credit card numbers, e-mail addresses, the user’s first and last name and zip code, serial number if the Xbox was registered online, and IP addresses associated with the game console.

For users about to go into a tirade against Microsoft, however, it might be a surprise — or perhaps not – to find out that Cryptome has lots of other “spying guides” from other companies that is also posts at its site. Documents by MySpace, Facebook, AOL, Skype, PayPal, Yahoo, and many others are posted at the site.

It’s worth noting that many any technology companies, including Microsoft, work with law enforcement in many situations, such as hunting down purveyors of illicit photos of children.

Cryptome, which was founded in 1996, boasts that it has some 54,000 files in its archive that is has collected and published over the past 14 years, including some 24,000 pages of files from the U.S. Army, the site states.

This is not the first time that Cryptome has had a run in with an ISP. According to statements by the site’s founder, John Young, Cryptome switched to Network Solutions in 2007 when its ISP, Verio, shut the site down without explanation.

Additionally, Cryptome has also been confronted by Yahoo, which also used the DMCA as justification for demanding the removal of its law enforcement compliance document.

“Claims of copyright violation is merely the cheapest and quickest way to coerce a service provider, no expensive lawyers needed. And it is a cheap and fast way to hide information from competitors as Yahoo intended with its false copyright claim,” Young’s statement continued.

Yahoo’s (NASDAQ: MSFT) “Compliance Guide for Law Enforcement” is still online at Cryptome’s site.

Stuart J. Johnston is a contributing writer at, the news service of, the network for technology professionals.

News Around the Web