Microsoft demands a take-down of the manual, which it says was illegally leaked and posted

Microsoft landed in hot water earlier this week when its "Global Criminal Compliance Handbook" was published by whistleblower site Cryptome.  

The guide details much of the wealth of information that the company retains on its internet users and Xbox owners.  Now Microsoft is demanding that the site remove the posted guide, which its legal team claims was illegally obtained and posted.

The guide, dated March 2008, details Microsoft's surveillance services of Hotmail, Live Messenger and Xbox LIVE users that it offers the government.

For Hotmail, Microsoft offers IP address disclosure, e-mail account registration records, stored e-mail records, account access records.  For Windows Live Spaces, it offers the previous information, plus owner (creator) information.  For Xbox Live it offers users' Gamertags, their credit card number, phone number, first/last name, zip code, the serial number of their Xbox console if it has been used on Xbox LIVE, their email account address, and the lifetime IP history of the Gamertag.

Microsoft officials have not publicly commented on the leak, though they are actively pursuing trying to silence it online.

Cryptome's host -- Network Solutions -- has responded to a Digital Millennium Copyright Act (DMCA) takedown notice from Microsoft and Cryptome is now offline.  The manual can easily be found as a 1.7 MB file on numerous torrents, though, such as this one at Torrent Reactor.  Fellow whistleblower site Wikileaks has agreed to host the site outside the U.S. to protect it from the powerful DMCA.  Describes a spokesperson for Wikileaks, "We will host Cryptome on our multi-jurisdictional network-outside the US-if required."

The incident was similar to the previous leak of Microsoft's secret Computer Online Forensic Evidence Extractor (COFEE).  Microsoft gives COFEE on USB sticks to law enforcement agencies, allowing them to extract "volatile" files from offenders with Windows computers.

The incident also raises questions in the ongoing debate over just how much personal information web service providers, OS makers, and game console makers should retain.  Google, Yahoo, and Microsoft all came under fire in recent months for retaining users' search records.  They have all since agreed to scale back the time of data retention.

"If they're going to pirate somebody, we want it to be us rather than somebody else." -- Microsoft Business Group President Jeff Raikes

Copyright 2017 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki