Sign in with
Sign up | Sign in

Microsoft's "Spy Guide" Handbook Leaked Online

By - Source: Tom's Hardware US | B 26 comments

Microsoft was yesterday fretting over a leaked document that the company clearly didn't want anyone reading.

Watchdog website Cryptome has posted Microsoft's 'Global Criminal Compliance Handbook' on its website and despite Microsoft's best efforts, the document remains online for the world to see.

The Criminal Compliance Handbook is more of a guide and is meant for law enforcement agencies that want to know what kind private data Microsoft stores and how they should go about requesting it.

CNet Cites Cryptome owner John Young who says he believes the documents that he publishes are indications that companies are bending over backwards to placate law enforcement officials because they're afraid of being targeted by them. Young says he feels that Microsoft's Surveillance Guide goes much further in holding the hands of law enforcement than the typical document. Mr Young claims the document, which he refers to as a Spy Guide, came from a Web site that specialized in training law enforcement.

Several news outlets report that yesterday afternoon Microsoft sent a take-down noticed to Cryptome asking that the site's owner, John Young, remove the document from Cryptome.org. Young refused and was sent a notice citing the Digital Millennium Copyright Act (DMCA) by his host; Network Solutions said they would have to shut down his website if he did not remove the files and for a brief period, his website was unavailable.

Young has since posted an update to his site saying Microsoft has withdrawn its complaint and, at the time of writing, Redmond's "Global Criminal Compliance Handbook" is still available online.

If downloading the document isn't your thing, you can check it out here on Scribd (via Business Insider).

Discuss
Ask a Category Expert

Create a new thread in the News comments forum about this subject

Example: Notebook, Android, SSD hard drive

This thread is closed for comments
Top Comments
  • 22 Hide
    Anonymous , February 25, 2010 7:58 PM
    Cryptome.org is a great website that is performing an important public service. Bravo!
  • 11 Hide
    Anonymous , February 25, 2010 8:44 PM
    is anyone actually reading the document? its not like they're storing very controversial stuff.. login info for your msn? well.. duh..
    the emails you get to you hotmail adress? again, duh..
    some ip adress info? yeah ok but compared to google thats nothing

    they're basically saying they are storing the stuff you put on their online services, hardly a suprise.

    the real wtf i why this document is secret, esp since this information is available else where but perhaps not in this concetrated form..

    it would be real interesting to see googles corresponding document though..
Other Comments
  • -5 Hide
    Tomtompiper , February 25, 2010 7:58 PM
    Glad I'm using PCLinuxOS. Microsoft and Google are so intrusive it is frightening.
  • Display all 26 comments.
  • 22 Hide
    Anonymous , February 25, 2010 7:58 PM
    Cryptome.org is a great website that is performing an important public service. Bravo!
  • 3 Hide
    redplanet_returns , February 25, 2010 7:59 PM
    I thought facts can't be copyrighted...this and corporations abusing the already messed up DMCA for stuff they don't want leaked out is truly bothersome
  • 7 Hide
    redplanet_returns , February 25, 2010 8:00 PM
    also bravo to cryptome for exposing the BS and taking a stand for what he/it believes in!
  • 7 Hide
    Anonymous , February 25, 2010 8:30 PM
    This is nothing new. Comcast has a similar document explaining the correct procedures for law enforcement to request information. All it does is attempt to organize large number of requests they receive into a formal, organized and supported procedure. Rather than have law enforcement call and make demands on receptionists or the cable guy.
  • 11 Hide
    Anonymous , February 25, 2010 8:44 PM
    is anyone actually reading the document? its not like they're storing very controversial stuff.. login info for your msn? well.. duh..
    the emails you get to you hotmail adress? again, duh..
    some ip adress info? yeah ok but compared to google thats nothing

    they're basically saying they are storing the stuff you put on their online services, hardly a suprise.

    the real wtf i why this document is secret, esp since this information is available else where but perhaps not in this concetrated form..

    it would be real interesting to see googles corresponding document though..
  • 3 Hide
    Anonymous , February 25, 2010 9:03 PM
    Have read the complete document as well as Pay-pals Document and face-books document.

    Its fair to say that details of your Account creation, User submitted information on those Accounts that you have supplied on their creation as well as various Logs of IP addresses and times you have logged on to their services are held, for a period of time or indefinitely in the cases off accounts on E-bay...

    So it goes without saying that there must be a procedure for the Law enforcement to get this information with the correct court orders to help them solve crime!

    The thing that scares people is all the data that is out there that they have submitted and who has access to it, but then, lets see everyone try live without ever entering any information into the Net at all, just dont go online if you are worried about it..

    The documents are detailed but not detrimental as first laid out to be in the article, they are a matter of fact and they just confirm the details being held on user accounts which is wild information in any case

    Lets see toms hardware policy whilst we are at it, that would be refreshing to see a site give that up without it being snooped, honesty is the best policy..
  • -8 Hide
    tommysch , February 25, 2010 9:16 PM
    Slimy SoBs!

    Im glad that im pirating the crap out of them since the 90s.
  • 1 Hide
    mlopinto2k1 , February 25, 2010 9:31 PM
    tomtompiperGlad I'm using PCLinuxOS. Microsoft and Google are so intrusive it is frightening.
    I am using Ubuntu Studio. I am right there with you bro. Or sis. lol.
  • 3 Hide
    mlopinto2k1 , February 25, 2010 9:35 PM
    Actually, after reading the first few pages.. It really doesn't look like much! It's just a detailed accounting of what happens with their online services. Police need detailed information especially if they are questioning someone about internet information. Someone can easily lie and say this and say that. If the police believed them, they wouldn't even have known they could have looked into something a little farther and maybe have found out some information.

    This documentation could be beneficial to CRIMINALS though!
  • 7 Hide
    mlopinto2k1 , February 25, 2010 9:37 PM
    TommySchSlimy SoBs!Im glad that im pirating the crap out of them since the 90s.
    Ignorance is bliss.
  • 2 Hide
    JohnnyLucky , February 25, 2010 10:18 PM
    Interesing article. It seems to me the guide is just trying to establish a protocol to keep things frem getting disorganized.
  • 2 Hide
    Anonymous , February 25, 2010 11:22 PM
    It's just the handbook for online services and how law enforcement may request your info, access to your cloud files, etc... I was hoping it would be some "how to use NSA_KEY" bullshit...
  • 3 Hide
    Anonymous , February 25, 2010 11:46 PM
    Anyone who would spy on my internet habits must have a life even more boring than mine.
  • 3 Hide
    blasko229 , February 26, 2010 12:42 AM
    Network Solutions sucks. Had some clients with it and it was very slow. Now I see they are also ready and willing to give out customer info and close your site.
  • 0 Hide
    jalek , February 26, 2010 3:20 AM
    Police can subpoena dates, times, and IP addresses for logins and can request any emails you leave saved on their servers? If a judge is involved for a subpoena, I see nothing surprising.

    It does tell you how to basically reset your accounts with them, but they don't store much other than what could be used for building a timeline from what I see. I do wonder what my account shows, it's from before Microsoft bought Hotmail and I've changed the name and profile information on that account many times.
  • -5 Hide
    techguy378 , February 26, 2010 6:59 AM
    Mr. Young should be arrested and put in jail for posting this document on the internet. Anyone else who illegally posts confidential company documents should suffer the same fate. Mr. Young is a complete moron. Microsoft is even more stupid for withdrawing its complaint.
  • 4 Hide
    donaldduck , February 26, 2010 7:24 AM
    tomtompiperGlad I'm using PCLinuxOS. Microsoft and Google are so intrusive it is frightening.

    For once this has nothing to do with MS or Google being "intrusive". I had a look at the document and it is nothing MS has to be frightened or ashamed off, they just documented (and quite well, I must say) the data they retain, as requested by law!!!
    This is not MS being nosy and wanting to track you in every aspect. If there is something wrong with it, it has to do with the law.
    If you develop a whatever internet access service you must (by law) implement something like that.
    Do you think that Ubuntu's "cloud" services are any different?

    I am a Linux users (and supporter) from many years, but I don't dislike MS. I just thought that this article needed a clarification. From the headlines I initially thought that the leaked document was actually about MS spying on customers! :p 
  • -4 Hide
    ossie , February 26, 2010 9:54 AM
    The leaked document is clearly showing how micro$uxx, and other corporate entities active in storing private data, bend over to please the modern big brother/nanny police state.
    Also, it's a good incentive to never store any of your data on some third party corporate network, if you care for it.
    redplanet_returnsI thought facts can't be copyrighted...this and corporations abusing the already messed up DMCA for stuff they don't want leaked out is truly bothersome

    micro$uxx would (ab)use any avenue, legal or not, to get what it wants.
    techguy378Mr. Young should be arrested and put in jail for posting this document on the internet. Anyone else who illegally posts confidential company documents should suffer the same fate. Mr. Young is a complete moron. Microsoft is even more stupid for withdrawing its complaint.

    And you should be shipped to the next psychiatric ward. micro$uxx backed off, because it was illegally abusing an already abusive law, and NS did as well.
  • 1 Hide
    Regulas , February 26, 2010 12:22 PM
    Thanks Tom's for the link. This is exactly what I have been saying all along. I would bet big money that the last several OS from Microsoft who worked with the NAS and who knows what other Federal agencies while developing have built in back doors too. I always get flamed by the little MS fan boys but the proof is in facts. I don't do illegal stuff, it's about principle. I run Linux and feel somewhat secure that big brother can not easily spy on me.
    If you trust the big Federal government then I say you must be working for them or just a complete idiot.
Display more comments