Deep Politics Forum

Everyone's favourite software company doesn't want its customers to know how it spies on them.

John Young at Cryptome has been publishing a whole series of Company policy documents as they relate to legal obligations concerning surveillance of staff and customers. His publication of the Microsoft one entitled "Global Criminal Compliance Handbook "has now reached the stage of a 'take-down' demand forwarded to him from the legal department of his site host 'Network Solutions LLC'.

Note the by now customary tactic of targeting the host rather than the publisher:

Quote: 23 February 2010

To; "DMCA" <DMCA[at]networksolutions.com>
Date: Tue, 23 Feb 2010 19:36 -0500
From: John Young <jya[at]pipeline.com>
Subject: Re: DN: www.cryptome.org; Registrar: Network Solutions; Host: Network Solutions - Demand for Immediate Take Down - Notice of Infringing Activity - MS Ref. 304277
cc: "Microsoft Anti Piracy Investigator #4" <internet4[at]microsoft-antipiracy.com>
Dear Ms. Larsen,
My counterclaim is that the Microsoft document provides important information for the public to understand how Microsoft violates the trust placed in it by customers to protect their privacy and confidentiality of personal data and usage of Microsoft products.
Microsoft is improperly using copyright violation claim to conceal this violation of customer trust, a purpose not intended nor supported by copyright law.
The document will not be removed.
Sincerely,
John Young
Cryptome.org

Subject: DN: www.cryptome.org; Registrar: Network Solutions; Host: Network Solutions - Demand for Immediate Take Down - Notice of Infringing Activity - MS
Date: Tue, 23 Feb 2010 17:05:51 -0500
From: "DMCA" <DMCA[at]networksolutions.com>
To: <jya[at]PIPELINE.COM>
Cc: "Microsoft Anti Piracy Investigator #4" <internet4[at]microsoft-antipiracy.com>

VIA ELECTRONIC MAIL

February 23, 2010

Re: Potential Infringement of Copyrighted Material by www.cryptome.org

As you are aware, Network Solutions, LLC provides hosting services in connection with your Web site, www.cryptome.org. We have received the below notice from Graeme Grant, Internet Investigator on behalf of Microsoft Corporation (“Microsoft”), claiming there is content on your Web site that is infringing on the copyrighted material of Microsoft (the “Claim”). Pursuant to the Digital Millennium Copyright Act (the "Act”), 17 U.S.C.S. §512, and our Acceptable Use Policy (the “AUP”), we will disable your Web site on Thursday, February 25, 2010, unless the dispute between the Notifying Party and yourself is resolved. We are not in a position to determine whether or not the allegations in the Claim are true, and therefore we take no position as to the accuracy of the Claim. If you immediately remove the content that is objectionable to the Notifying Party, or you otherwise resolve the matter with the Notifying Party, and the Notifying Party confirms that his Claim has been resolved, it might not be necessary for us to disable (or continue to disable) the Web site. If you dispute the substance of the Notifying Party’s Claim and wish to provide a counter-notification pursuant to the Act, please provide any such counter-notification (and the information required by Section 512(g)(3) of the Act) to my attention at dmca[at]networksolutions.com and we will proceed accordingly. For your convenience, we have attached to this e-mail a copy of the Act. Please direct all questions regarding the allegedly infringing material to the Notifying Party, who is copied on this e-mail. If you are able to resolve this matter within the designated timeframe, please send via e-mail, being sure to include all involved parties, a notification to that effect.

Regards,

Linda L. Larsen, Designated Agent
Network Solutions, LLC
Telephone: 703.668.5615
Facsimile: 703.668.5959
Email: dmca[at]networksolutions.com


From: Microsoft Anti Piracy Investigator #4 [mailto:internet4[at]microsoft-antipiracy.com]
Sent: Monday, February 22, 2010 7:34 PM
To: DMCA; Abuse
Subject: DN: www.cryptome.org; Registrar: Network Solutions; Host: Network Solutions - Demand for Immediate Take Down - Notice of Infringing Activity - MS Ref. 304277
Importance: High


VIA EMAIL:

Demand for Immediate Take-Down: Notice of Infringing Activity

URL: http://cryptome.org/isp-spy/microsoft-spy.zip
Case #: 304277
Date: 23 February 2010

Dear Sir or Madam,

Microsoft has received information that the domain listed above, which appears to be on servers under your control, is offering unlicensed copies of, or is engaged in other unauthorized activities relating to copyrighted works published by Microsoft.

1. Identification of copyrighted works:

Copyrighted work(s):
Microsoft Global Criminal Compliance Handbook

Copyright owner:
Microsoft Corporation

2. Copyright infringing material or activity found at the following location(s):

http://cryptome.org/isp-spy/microsoft-spy.zip

The above copyright work(s) is being made available for copying, through downloading, at the above location without authorization of the copyright owner.

3. Statement of authority:

The information in this notice is accurate, and I hereby certify under penalty of perjury that I am authorized to act on behalf of Microsoft, the owner of the copyright(s) in the work(s) identified above. I have a good faith belief that none of the materials or activities listed above have been authorized by Microsoft, its agents, or the law.

We hereby give notice of these activities to you and request that you take expeditious action to remove or disable access to the material described above, and thereby prevent the illegal reproduction and distribution of this copyright work(s) via your company's network.

We appreciate your cooperation in this matter. Please advise us regarding what actions you take.

Yours sincerely,

Graeme Grant
Internet Investigator

on behalf of Microsoft Corporation
One Microsoft Way
Redmond, WA 98052
United States of America

E-mail: Internet4[at]microsoft-antipiracy.com

Is that related to this Peter?
http://www.deeppoliticsforum.com/forums/...ight=cofee

Cryptome could respond by placing the document on another ISP based in eastern Europe and linking to it and requesting other parties to mirror the document with attribution to Cryptome. If it became widely disseminated it would become uneconomical (if not impossible) for Microsoft to effectively challenge this.

I note that ISPs now widely adopt the policy that if a complaint is received, they insist the material be removed or will suspend the service. This, of course, is contrary to common law and free speech and, de facto, places complete authority in the complainants case. There is no defence. Someone should build a law case to insist the ISP's honour the principle that innocence stands tall until guilt is proven.

Magda Hassan Wrote:Is that related to this Peter?
http://www.deeppoliticsforum.com/forums/...ight=cofee

Don't think it is Magda.

Cofee is MS proprietary software supplied to computer forensic investigators - at a price - as I understand it. Lots of versions and loads of chaff and waffle about what can and cannot be done with it.

As usual John Young cuts through all the crap and plonks a cat in the pigeon loft. Power to his elbow I say.

The spy manual thing is a company document that I believe is required by some recent law passed in the US - though I'm not certain about that. Anyway, seems to especially concern large computer/software service providers because the likes of IBM and Yahoo and a good few other have had theirs published on Cryptome too.

David Guyatt Wrote:Cryptome could respond by placing the document on another ISP based in eastern Europe and linking to it .....

David

Not sure how much you know about John Young but he is one canny operator. He's been in the business of publishing anything and everything sent to him for a long time now and his site says it still maintains a 100% record against legal and take-down threats.

He's something or a hero of mine - not to say role model (at my age!!**??) too.
Here's his response to a question about Cryptome's privacy policy. It's a classic and right on the button (note my bold/italics).

Quote:A asks: What is Cryptome's privacy policy, is user data collected? Answer: No user data is collected by Cryptome. Logs are deleted several times a day. But read on.
This is not to promise there is nobody else doing the collecting. We periodically warn that covert snooping by ISPs, by network system operators, by spies public and private, by the host of predators of the vast Web, is rampant.
Log retention is endemic, on grounds it needed for system administration. Hah, just like the feds and the corps claim that is why they need to watch citizens and employees.
As you know there are many, many ways to snoop on traffic, so much that Cryptome asserts there is no trustworthy privacy policy, not for Cryptome, not for anybody else.
To be sure, if privacy policy means just enough privacy to keep users coming into the spider's web, then okay, that is the policy used by government's to assure the citizenry it acts in the public interest. As employers act in the interest of their employees, as corporations act in the interest of their stockholders, as religious and educational institutions and professionals act in the interest of their dutiful fee-payers.
Those who promise the most protection are out to skin you alive, those who promise the most privacy are selling your most private possessions.
Cryptome is not trustworthy, and lies. It's a free site, what else could it be but up to but no good?

Thanks Peter. I don't know much about him at all, but I like Cryptome very much. If he is able to avoid the threatened takedown then hats off to him. Someone has to make a stand against this fiendish corporate bullying.

I sympathize with him on the privacy issue also. But I suppose we must be careful about how privacy is used. I don't know if you watched the BBC4 "On Expenses" drama last night, but the thought of Parliamentarians using privacy laws to override the freedom of information law in order to conceal their corrupt and gross expenses, was enough to make steams escape from my ears.

It seems that the entire Cryptome site has been taken down as of yesterday.

This from Wikileaks where you can also download the offending document. Hopefully it will be widely distributed and the net result will be a bigger readership than if Cryptome had been left alone.

Quote: 24. Feb. 2010: Cryptome.org takedown: Global Criminal Compliance Handbook, 24 Feb 2010 Cryptome.org is a venerable New York based anti-secrecy site that has been publishing since 1999. On Feb 24, 2010, the site was forcably taken down following its publication Microsoft's "Global Criminal Compliance Handbook", a confidential 22 page booklet designed for police and intelligence services. The guide provides a "menu" of information Microsoft collects on the users of its online services. Microsoft lawyers threatened Cryptome and its "printer", internet hosting provider giant Network Solutions under the Digital Millennium Copyright Act (DMCA). The DMCA was designed to protect the legitimate rights of publishers, not to conceal scandalous internal documents that were never intended for sale. Although the action is a clear abuse of the DMCA, Network Solutions, a company with extensive connections to U.S. intelligence contractors, gagged the site in its entirety. Such actions are a serious problem in the United States, where although in theory the First Amendment protects the freedom of the press, in practice, censorship has been privatized via abuse of the judicial system and corporate patronage networks.

Further to my last post the following link is worth perusing. It is a temporary version of the latest cryptome stuff pending transfer of everything to a new ISP. There is a 'legal lock' on the Domain name pending dispute resolution which means it will have to make do with a different name (probably that in the referenced link) in the meantime.

Looks to me like the noose is tightening on us uppity sods on the internet so maybe DPF should have a good think about its hosting arrangements too - at least have a solid back-up regime and an alternative Domain Name and prospective ISP (in a different jurisdiction) on stand by.

http://cryptomeorg.siteprotect.net/

This links to a series of exchanges between the BBC and John Young before, during and after a 'for radio' interview done at the BBC News Bureau in NYC a few days ago.

There is a video on the interview on YouTube here

Both are vintage John Young - priceless stuff. The man certainly IS 'a minor institution' and should be given vigorous support in his battles with Authority - IMHO.

A snippet - Chris is the out-of-his-depth BBC interviewer (MY Bolding):

Quote: Chris asked if there was any information Cryptome would not publish, even top secret information that would threaten a nation.

Cryptome said those questions are often posed as bait, that there is slight chance that "nation-threatening" information will ever be sent to Cryptome, that instead it is authoritatives who release such information when it suits their purpose.
That authoritatives are the principal source of classified and confidential information released to the public through orchestrated freedom of information and "openness" programs to appear public-friendly, but which corrupt public discourse and comprehension with carefully prepared disinformation in concert with other authoritatives, especially those who traffic in official statements, deliberate leaks and disclosures by unidentified officials "not authorized to speak" but who do so avidly.

Chris asked if Cryptome recognized the danger of releasing unauthorized and unvalidated information, in particular using the Internet.

Cryptome said there was little danger in that, the danger comes from too much control of information by authoritatives in the classic one-to-many manipulation of the public. Many-to-many handling of information is far superior and the Internet can be highly effective for that purpose if the current initiative by authoritatives to clamp down its unruly nature is resisted.

Chris cited the need for reputation protection against anonymous attackers.

Cryptome said reputation is a pretentious conceit to overvalue, that it deserves sustained attack not protection, the greater the reputation the more need for challenge whether anonymous or open. Anonymous challenges guard against authoritative abuse to protect unquestioned privilege. Those attacked should counter attack by the same means rather than demand authoritative intervention, to continuously demonstrate capability not to hide its husk's emptiness under libel law -- the latter is a vestige of ancient inherited privilege of authoritatives.

Peter Presland Wrote:Further to my last post the following link is worth perusing. It is a temporary version of the latest cryptome stuff pending transfer of everything to a new ISP. There is a 'legal lock' on the Domain name pending dispute resolution which means it will have to make do with a different name (probably that in the referenced link) in the meantime.

Looks to me like the noose is tightening on us uppity sods on the internet so maybe DPF should have a good think about its hosting arrangements too - at least have a solid back-up regime and an alternative Domain Name and prospective ISP (in a different jurisdiction) on stand by.

http://cryptomeorg.siteprotect.net/

I think you're right and that Cryptome is being designedly strangled.

Your precautionary suggestion strikes me also as very sensible. Mirroring in different jurisdictions may be the answer - not that I'm particularly au-fait with internet-thingy technicalities.