CyberLaw Blog

Archive for the ‘Transparency’ Category

Microsoft backs down over online 'spy guide': “(Guardian)
Microsoft has been forced to backtrack after it closed down a whistleblowing website after it published a leaked version of the company’s ’spy guide’. The American software giant took action against the Cryptome website for publishing a copy of the Microsoft Global Criminal Compliance Handbook, a document explaining how law enforcement officials can access millions of people’s private information online. Microsoft said the publication infringed its copyright and lodged a complaint with Cryptome’s web hosting company, Network Solutions. Network Solutions shut down the website entirely – a move that caused uproar among civil liberties campaigners, and led Microsoft to withdraw its complaint so that Cryptome could go back online. The company did not intend to close the site – just remove the document in question.

(Via QuickLinks Update.)

CyberLaw is also publishing a PDF copy of the Microsoft surveillance compliance document which is mentioned in the story below as the public has a right to know about Microsoft’s policy.

Visit and support http://cryptome.org/

Microsoft Takes Down Whistleblower Site, Read the Secret Doc Here | Threat Level | Wired.com

By Ryan Singel Email Author, February 24, 2010

designedfor_emma_swannMicrosoft has managed to do what a roomful of secretive, three-letter government agencies have wanted to do for years: get the whistleblowing, government-document sharing site Cryptome shut down.

Microsoft dropped a DMCA notice alleging copyright infringement on Cryptome’s proprietor John Young on Tuesday after he posted a Microsoft surveillance compliance document that the company gives to law enforcement agents seeking information on Microsoft users. Young filed a counterclaim on Wednesday — arguing he had a fair use to publishing the document, a full day before the Thursday deadline set by his hosting provider, Network Solutions.

Regardless, Cryptome was shut down by Network Solutions and its domain name locked on Wednesday — shuttering a site that thumbed its nose at the government since 1996 — posting thousands of documents that the feds would prefer never saw the light of day.

Microsoft did not return a call for comment by press time.

The 22-page document (.pdf) contains no trade secrets, but will tell Microsoft users things they didn’t know. (You can read it directly on your own computer from the above link, or read it inline below.)

For instance, Xbox Live records every IP address you ever use to login and stores them for perpetuity. While that’s going to be creepy for some, there’s an upside if your house gets robbed, according to the document: ‘If your investigation involves a stolen Xbox console, if the console serial number or Xbox LIVE user gamertag is provided and the console has been connected to the Internet, IP connection records may be available.’

The Microsoft® Online Services Global Criminal Compliance Handbook (.pdf) also goes so far as to provide sample language for subpoenas and diagrams on how to understand server logs.

Other things you might not know and which Microsoft (sometimes oddly) doesn’t want you to know?

Microsoft retains only the last 10 login records for Windows Live ID. As for your instant messages, it tells police that it keeps no record of what anyone says over Microsoft Messenger – though it will turn over who is on your buddy list.

And if you like to use Microsoft’s social networking products — like its old-school Group mailing list or its Facebook-like Spaces product, be aware that it’s very social when it comes to law enforcement or court subpoenas.

As Microsoft tells potential subpoenaees, ‘when you are looking for information on a specific incident like a photo posting or message posting, please request all group content and logs. We cannot retrieve single incident data.’ The same holds for Spaces — if you are interested in a single picture, just request the entire thing. Call it Subpoena 2.0.

The compliance handbook is just the latest in a series of leaks of similar documents from other companies. Yahoo, like Microsoft, reacted as if its secret sauce had somehow been spilled by letting curious users know the hows and whys of how the companies deal with lawful surveillance requests. Google, for all its crusading for internet freedom, refuses to say how often law enforcement comes searching for user data.

The one company who has had a stand-up policy for years is the Cox Communications’ ISP, which has had this information and their price list public for years.

But hypocrisy is the name of the game for giant internet companies like Yahoo, Microsoft and Google that want us to entrust large portions of our lives to Gmail, Yahoo Mail, Buzz, Xbox, Hotmail, Messenger, Google Groups. When it comes to the most basic information about how, why and how often our data is subpoenaed and collected without our knowledge, these online innovators resort to lawyers, abusive legal process and double-talk.

Transparency, choice and control – now complete with a Dashboard!: “Posted by Alma Whitten, Software Engineer, Yariv Adan, Product Manager, and Marissa Mayer, VP of Search Products and User Experience

Today, we are excited to announce the launch of Google Dashboard. Have you ever wondered what data is stored with your Google Account? The Google Dashboard offers a simple view into the data associated with your account — easily and concisely in one location.

Over the past 11 years, Google has focused on building innovative products for our users. Today, with hundreds of millions of people using those products around the world, we are very aware of the trust that you have placed in us, and our responsibility to protect your privacy and data. In the past, we’ve taken numerous steps in this area, investing in educating our users with our Privacy Center, making it easier to move data in and out of Google with our Data Liberation Front, and allowing you to control the ads you see with interest-based advertising. Transparency, choice and control have become a key part of Google’s philosophy, and today, we’re happy to announce that we’re doing even more.

In an effort to provide you with greater transparency and control over their own data, we’ve built the Google Dashboard. Designed to be simple and useful, the Dashboard summarizes data for each product that you use (when signed in to your account) and provides you direct links to control your personal settings. Today, the Dashboard covers more than 20 products and services, including Gmail, Calendar, Docs, Web History, Orkut, YouTube, Picasa, Talk, Reader, Alerts, Latitude and many more. The scale and level of detail of the Dashboard is unprecedented, and we’re delighted to be the first Internet company to offer this — and we hope it will become the standard. Watch this quick video to learn more and then try it out for yourself at www.google.com/dashboard.

(Via Google Public Policy Blog.)

Leaked Australian blacklist reveals banned sites – Wikileaks

March 19, 2009, By Asher Moses (Sidney Morning Herald)

The Australian communications regulator’s top-secret blacklist of banned websites has been leaked on to the web and paints a harrowing picture of Australia’s forthcoming internet censorship regime.

Wikileaks, an anonymous document repository for whistleblowers, obtained the list, which has been seen by this website, and plans to publish it for public consumption on its website imminently.

Wikileaks has previously published the blacklists for Thailand, Denmark and Norway.

University of Sydney associate professor Bjorn Landfeldt said the leaked list ‘constitutes a condensed encyclopedia of depravity and potentially very dangerous material’.

He said the leaked list would become ‘the concerned parent’s worst nightmare’ as curious children would inevitably seek it out.

But about half of the sites on the list are not related to child porn and include a slew of online poker sites, YouTube links, regular gay and straight porn sites, Wikipedia entries, euthanasia sites, websites of fringe religions such as satanic sites, fetish sites, Christian sites, the website of a tour operator and even a Queensland dentist.

‘It seems to me as if just about anything can potentially get on the list,’ Landfelt said.

The blacklist is maintained by ACMA and provided to makers of internet filtering software that parents can opt to install on their PCs.

However, if the Government proceeds with its mandatory internet filtering scheme, sites on the blacklist will be blocked for all Australians. The Government has flagged plans to expand the blacklist to 10,000 sites or more.

In a special report, written in conjunction with the Internet Industry Association and presented to the Government over a year ago, Landfeldt warned that ‘list leakage’ was one of the main issues associated with maintaining a secret blacklist of prohibited sites.

Julian Assange, founder of Wikileaks, dug up the blacklist after ACMA added several Wikileaks pages to the list following the site’s publication of the Danish blacklist.

He said secret censorship systems were ‘invariably corrupted’, pointing to the Thailand censorship list, which was originally billed as a mechanism to prevent child pornography but contained more than 1200 sites classified as criticising the royal family.

‘In January the Thai system was used to censor Australia reportage about the imprisoned Australian writer Harry Nicolaides,’ he said.

‘The Australian democracy must not be permitted to sleep with this loaded gun. This week saw Australia joining China and the United Arab Emirates as the only countries censoring Wikileaks.’

The leaked list, understood to have been obtained from an internet filtering software maker, contains 2395 sites. ACMA said its blacklist, as at November last year, contained 1370 sites.

Assange said the disparity in the reported figure is most likely due to the fact that the list contains several duplicates and variations of the same URL that stem from a single complaint. Alternatively, some sites may have been added to the list by the filter software maker.

ACMA said Australians caught distributing the list or accessing child pornography sites on the list could face criminal charges and up to 10 years in prison.

Opposition communications spokesman Nick Minchin said the leaking of the list was irresponsible but highlighted how this type of information could surface despite the efforts of ACMA to protect it, and could be used by those with a perverse interest in its content.

‘The regrettable and unfortunate reality is there will always be explicit and illegal material on the web and – regardless of blacklists, filters and the like – those with the means and know-how will find ways of accessing it,’ he said.

‘Adult supervision is the most effective way of keeping children safe online and people shouldn’t be led into believing by Labor that expanded blacklists or mandatory filters are a substitute for that.’

Colin Jacobs, spokesman for the online users’ lobby group Electronic Frontiers Australia, said the leak was not surprising and would only get worse once the list was sent to hundreds of Australian ISPs as part of the Government’s mandatory internet filtering policy.

He said the Government could be considered a ‘promoter and disseminator of links to some pretty unsavoury material’.

‘The list itself should concern every Australian – although plenty of the material is unsavoury or even illegal, the presence of sites like YouTube, MySpace, gambling or even Christian sites on the list raises a lot of questions,’ he said.

‘There is even a harmless tour operator on there, but there is no mechanism for a site operator to know they got on or request to be removed. The prospect of mandatory nation-wide filtering of this secret list is pretty concerning from a democratic point of view.’

The Communications Minister, Stephen Conroy, said the leak and publication of the ACMA blacklist would be ‘grossly irresponsible’ and undermine efforts to improve cyber safety.

He said ACMA was investigating the matter and considering a range of possible actions including referral to the Australian Federal Police. Australians involved in making the content available would be at ’serious risk of criminal prosecution’.

‘Under existing laws the ACMA blacklist includes URLs relating to child sexual abuse, rape, incest, bestiality, sexual violence and detailed instruction in crime,’ Senator Conroy said.

‘No one interested in cyber safety would condone the leaking of this list.’

First seen in the Sidney Morning Herald. Thanks to Asher Moses and the Sidney Morning Herald for covering this issue. Copyright remains with the aforementioned.

Obama releases Dubya’s secret anti-terror memos: “

Warrantless wiretapping? Check

The Obama administration has released nine secret legal opinions penned by Bush Administration lawyers, revealing the scope of executive power the White House sought in fighting domestic terrorism.…

“

(Via The Register – Public Sector.)

Facebook: Governing the Facebook Service in an Open and Transparent Way

by Mark Zuckerberg Today at 7:20pm

Last week, we returned to our previous Terms of Use as we worked on a new set of governing documents that would more clearly explain the relationship between Facebook and its users. Since then, I’ve been excited to see how much people care about Facebook and how willing they are to contribute to the process of governing the site.

Our main goal at Facebook is to help make the world more open and transparent. We believe that if we want to lead the world in this direction, then we must set an example by running our service in this way.

We sat down to work on documents that could be the foundation of this and we came to an interesting realization—that the conventional business practices around a Terms of Use document are just too restrictive to achieve these goals. We decided we needed to do things differently and so we’re going to develop new policies that will govern our system from the ground up in an open and transparent way.

Beginning today, we are giving you a greater opportunity to voice your opinion over how Facebook is governed. We’re starting this off by publishing two new documents for your review and comment. The first is the Facebook Principles, which defines your rights and will serve as the guiding framework behind any policy we’ll consider—or the reason we won’t consider others. The second document is the Statement of Rights and Responsibilities, which will replace the existing Terms of Use. With both documents, we tried hard to simplify the language so you have a clear understanding of how Facebook will be run. We’ve created separate groups for each document so you can read them and provide comments and feedback. You can find the Facebook Principles here and the Statement of Rights and Responsibilities here. Before these new proposals go into effect, you’ll also have the ability to vote for or against proposed changes.

I believe these steps are unprecedented in promoting understanding and enabling participation on the web. I hope you will take a look at these documents, read them carefully, and share your thoughts.

Facebook is still in the business of introducing new and therefore potentially disruptive technologies. This can mean that our users periodically experience adjustments to new products as they become familiar with them, and before becoming enthusiastic supporters. The launch of News Feed and the recent interface redesign are excellent examples that illustrate why we need to continue to make independent decisions about products in order to push technology forward. While these products must be consistent with the Principles and in compliance with the Statement of Rights and Responsibilities, they will not be subject to the notice and comment or voting requirement.

We’re honored that so many millions of people around the world have decided to bring Facebook into their lives to share information and experiences with friends and loved ones. We understand that gives us an important responsibility to our users.

History tells us that systems are most fairly governed when there is an open and transparent dialogue between the people who make decisions and those who are affected by them. We believe history will one day show that this principle holds true for companies as well, and we’re looking to moving in this direction with you.

“Open Letter by Members of Global Openness Community welcoming President Obama’s Initiative on Transparency”

The undersigned organizations, which work around the world to promote the right of access to information, welcome the steps taken by President Barack Obama on his first day in office to reverse recent trends and to promote high standards of openness in government. We particularly welcome the call for a clear presumption in favor of disclosure of information, so that “in the face of doubt, openness prevails”. We also welcome the inclusion, within this presumption, of an affirmative obligation on public bodies to disclose information rapidly and in forms that the public can readily find and use. Proactive disclosure is recognized internationally as an essential element of the right of access to information, along with the right to request and receive information.

President Obama has demonstrated global leadership on this issue, signaling the fundamental importance of open government in a democracy. We call on governments around the world to take similar action to promote transparency and respect for the right of access to information.

We also urge President Obama to ensure that his executive orders are given full effect, in accordance with their language and purpose. Ensuring strong implementation of these standards will set a high benchmark to inspire governments around the world.

Yours sincerely,

Access Info Europe, Helen Darbishire, Executive Director (Spain)
Access to Information Programme, Gergana Jouleva, Executive Director (Bulgaria)
Ad IDEM/Canadian Media Lawyers Association, Paul Schabas, President (Canada)
American Civil Liberties Union, Caroline Fredrickson, Washington Legislative Office, Director (USA)
Arab Freedom of Information Network, Said Essoulami, Executive Director
ARTICLE 19, Toby Mendel, Senior Legal Counsel
Asociación por los Derechos Civiles, Roberto Saba, Executive Director (Argentina)
Association for Freedom of Thoughts and Expression, Mohamed Omran (Egypt)
Bank Information Center, Chad Dobson, Executive Director (USA)
BilgiEdinmeHakki.Org, Dr. Yaman Akdeniz, Director (Turkey)
Campaign for Freedom of Information, Maurice Frankel, Director (UK)
Carter Center, Laura Neuman, Associate Director and Access to Information Project Manager (USA)
Center for Development and Democratization of Institutions, Ilir Aliaj, Executive Director (Albania)
Center for Independent Journalism, Ioana Avadani, Executive Director (Romania)
Center for Promotion of Freedom of Expression and Access to Information, Vasile Spinei, President (Moldova)
Center of Access to Public Information, Edison Lanza, Director (Uruguay)
Centre for Media Freedom Middle East and North Africa, Said Essoulami, Executive Director
Commonwealth Human Rights Initiative, Reshmi Mitra, Project Officer, Access to Information Programme, (India)
DELNA – Transparency International Latvia, Inese Voika, President (Latvia)
Due Process of Law Foundation, Eduardo Bertoni, Executive Director
Electronic Privacy Information Center, Marc Rotenberg, Executive Director (USA)
Foundation Open Society Institute, Dance Danilovska, Project Coordinator (Macedonia)
Freedom Forum, Santosh Sigdel, Executive Director (Nepal)
Freedom of Information Center of Armenia, Shushan Doydoyan, President (Armenia)
Freedom of Information Coalition, Edetaen Ojo, Coordinator (Nigeria)
Freedom of Information Coalition, Emmanuel Saffa Abdulai, Executive Director (Sierra Leone)
Fund for an Open Society, Miodrag Milosavljevic, Project Coordinator (Serbia)
Fundacion Pro Acceso, Moisés Sánchez, Executive Director (Chile)
Fundar, Miguel Pulido Jiménez, Coordinator (México)
GYLA, Tamar Gurchiani, Project Coordinator (Georgia)
Hungarian Civil Liberties Union, Balázs Dénes, Executive Director (Hungary)
Information Commissioner of Republic of Slovenia, Natasa Pirc, Information Commissioner (Slovenia)
Institute for Information Freedom Development in Russia, Ivan Pavlov, Lawyer and Chairman (Russia)
Instituto Prensa y Sociedad, Andrés Mejía (Colombia)
Instituto Prensa y Sociedad, Javier Casas (Peru)
Jamaicans for Justice, Carolyn Gomes, Executive Director (Jamaica)
Media Institute of Southern Africa, Sampa Kangwa-Wilkie, Program Specialist (Southern African Region)
Media Rights Agenda, Edetaen Ojo, Executive Director (Nigeria)
Movement for Freedom of Information in Israel, Roy Peled, Executive Director (Israel)
National Freedom of Information Coalition, Charles Davis, Executive Director (USA)
National Security Archive, Tom Blanton, Director (USA)
New York State Committee on Open Government, Robert J. Freeman, Executive Director (USA)
Open Society Institute, Aryeh Neier, President (USA)
Poder Ciudadano – Transparency International, Laura Alonso, Executive Director (Argentina)
Pro Media, Klime Babunski (Macedonia)
PROETICA – Transparency International, Cecilia Blondet, Executive Director (Peru)
PROVIDUS, Linda Austere, Policy Researcher (Latvia)
Public Citizen, Adina Rosenbaum, Attorney (USA)
Right to Know Coalition of Nova Scotia, Darce Fardy, President (Canada)
Society for Democratic Initiatives, Emmanuel Saffa Abdulai, Executive Director (Sierra Leone)
Statewatch, Tony Bunyan, Director
Sunshine Week, Debra Gersh Hernandez, Coordinator (USA)
Sustentia, Carlos Cordero, Executive Director (Spain)
The Canadian Association of Professional Access and Privacy Administrators, Sharon Polsky, National Chair (Canada)
Transparency International – Secretariat, Andrea Figari, Global Programmes Manager (Germany)
Transparency International Anti-corruption Center, Amalia Kostanyan, Chairwoman (Armenia)
Transparency International Bosnia and Herzegovina, Aleksandra Martinovic, Member of the Board of Directors (Bosnia and Herzegovina)
Transparency International Croatia, Zorislav Antun Petrović, President (Croatia)
Transparency International Israel, Galia Sagi, CEO (Israel)
Transparency International Russia, Marina Savintseva, Programme Co-ordinator (Russia)
Transparency International Slovakia, Emilia Beblava, President (Slovakia)
Transparency Serbia, Program Director, Nemanja Nenadic, (Serbia)
Wobbing Europe, Brigitte Alfter, Editor (Europe)
Youth Initiative for Human Rights, Sarah Maliqi, Executive Director (Kosovo)

Francesca Fanucci, International Human Rights Lawyer
John Edwards, FOI Advocate (New Zealand)
Natalia Torres, MSc Public Policy (Argentina)
Ricardo Corcuera, Legal Advisor in Human Rights (Perú)
Richard Calland, Programme Director: Economic Governance, Idasa (South Africa)
Roger Vleugels, Lecturer and Legal Advisor FOIA (The Netherlands)
Susanne Tam, Ethics Consultant, (Israel)
Walter Keim (Norway)