Still working to recover. Please don't edit quite yet.
Difference between revisions of "corporate websites and LEA"
(anarchowikification) |
m |
||
| Line 1: | Line 1: | ||
| − | Two birds recently did a presentation at the People's Summit | + | Two birds recently did a presentation at the People's Summit<ref name=seattle>http://seattleplus10.org/</ref> |
celebrating the 10 year anniversary of the [[World Trade Organization|WTO]] protests. We discussed | celebrating the 10 year anniversary of the [[World Trade Organization|WTO]] protests. We discussed | ||
the dangers of using corporate tools to do organizing work, in | the dangers of using corporate tools to do organizing work, in | ||
particular, the fact that you don't know what they do with your data. | particular, the fact that you don't know what they do with your data. | ||
| − | Thanks to some anonymous comments in a blogger's post | + | Thanks to some anonymous comments in a blogger's post<ref name=dubfire> |
| + | http://paranoia.dubfire.net/2009/12/8-million-reasons-for-real-surveillance.html</ref> about his | ||
research regarding a U.S. mobile phone company's release to law | research regarding a U.S. mobile phone company's release to law | ||
enforcement of its customers' geographic location information, we now | enforcement of its customers' geographic location information, we now | ||
| Line 12: | Line 13: | ||
copies of the guidebooks that several large corporations provide to | copies of the guidebooks that several large corporations provide to | ||
assist law enforcement with their requests. The leaked manuals include | assist law enforcement with their requests. The leaked manuals include | ||
| − | those for [[Facebook]], | + | those for [[Facebook]]<ref>http://dtto.net/docs/facebook-manual.pdf</ref>, |
| + | [[Yahoo!]]<ref>http://dtto.net/docs/yahoo-guide.pdf</ref>, [[MySpace]]<ref>http://dtto.net/docs/myspace-guide.pdf</ref>, | ||
| + | [[Comcast]]<ref>http://dtto.net/docs/comcast-guide.pdf</ref>, and [[PayPal]]<ref>http://dtto.net/docs/paypal-guide.pdf</ref>. | ||
Each manual provides helpful hints for law enforcement regarding the | Each manual provides helpful hints for law enforcement regarding the | ||
specific data available (some of which may be obtained with a mere | specific data available (some of which may be obtained with a mere | ||
| Line 33: | Line 36: | ||
online service providers because the [[U.S. Department of Justice]] does not | online service providers because the [[U.S. Department of Justice]] does not | ||
report the number of IP address requests that they have issued, even | report the number of IP address requests that they have issued, even | ||
| − | though a 1999 law requires reports. | + | though a 1999 law requires reports.<ref name=seattle/> There is also no reporting |
requirement for court orders issued under the Stored Communications | requirement for court orders issued under the Stored Communications | ||
| − | Act | + | Act<ref>http://en.wikipedia.org/wiki/Stored_Communications_Act</ref> |
| + | which governs the release in the United States of all of your | ||
electronic data stored online. | electronic data stored online. | ||
One of the scary things about all of this is that the US actually has | One of the scary things about all of this is that the US actually has | ||
better data protection laws than many other countries. Also, unlike our | better data protection laws than many other countries. Also, unlike our | ||
| − | comrades in the [[European Union|EU]], | + | comrades in the [[European Union|EU]],<ref> |
| + | http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32006L0024:EN:NOT</ref> the US does not currently require online | ||
providers to keep logs, This means that people organizing everywhere | providers to keep logs, This means that people organizing everywhere | ||
should be aware that if you are using corporate providers, your data is | should be aware that if you are using corporate providers, your data is | ||
| Line 48: | Line 53: | ||
importance of supporting alternatives and educating each other about the | importance of supporting alternatives and educating each other about the | ||
risks of using corporate tools for organizing work. For more | risks of using corporate tools for organizing work. For more | ||
| − | information, read the blog post, | + | information, read the blog post,<ref name=dubfire /> |
==References== | ==References== | ||
| − | + | <references/> | |
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
==Acknowledgement== | ==Acknowledgement== | ||
Revision as of 23:06, 26 December 2009
Two birds recently did a presentation at the People's Summit[1] celebrating the 10 year anniversary of the WTO protests. We discussed the dangers of using corporate tools to do organizing work, in particular, the fact that you don't know what they do with your data. Thanks to some anonymous comments in a blogger's post[2] about his research regarding a U.S. mobile phone company's release to law enforcement of its customers' geographic location information, we now have some answers.
Large companies have entire departments devoted to dealing with law enforcement subpoenas and warrants, and the anonymous posters provided copies of the guidebooks that several large corporations provide to assist law enforcement with their requests. The leaked manuals include those for Facebook[3], Yahoo![4], MySpace[5], Comcast[6], and PayPal[7]. Each manual provides helpful hints for law enforcement regarding the specific data available (some of which may be obtained with a mere subpoena and without any judicial scrutiny), and even sample request language to use in different circumstances. For example, according to the leaked manual, facebook retains information about the IP address of every computer that accesses their website for 30 days. This means that, unless you use countermeasures, facebook can know the exact location where you logged on to your account. Because this IP address information does not include the contents of communications, a U.S. prosecutor can seek the information without any judicial oversight.
With a court order, facebook will release even more information about you. They've even developed an application called "Neoprint" to deliver a handy packet of information about subscribers, including profile contact information, mini-feed, friend listing (with friend's facebook ID), group listing and messages.
There is little oversight of surveillance conducted in the U.S. of online service providers because the U.S. Department of Justice does not report the number of IP address requests that they have issued, even though a 1999 law requires reports.[1] There is also no reporting requirement for court orders issued under the Stored Communications Act[8] which governs the release in the United States of all of your electronic data stored online.
One of the scary things about all of this is that the US actually has better data protection laws than many other countries. Also, unlike our comrades in the EU,[9] the US does not currently require online providers to keep logs, This means that people organizing everywhere should be aware that if you are using corporate providers, your data is at risk.
While this information should not be surprising, it illustrates the importance of supporting alternatives and educating each other about the risks of using corporate tools for organizing work. For more information, read the blog post,[2]
References
- ↑ 1.0 1.1 http://seattleplus10.org/
- ↑ 2.0 2.1 http://paranoia.dubfire.net/2009/12/8-million-reasons-for-real-surveillance.html
- ↑ http://dtto.net/docs/facebook-manual.pdf
- ↑ http://dtto.net/docs/yahoo-guide.pdf
- ↑ http://dtto.net/docs/myspace-guide.pdf
- ↑ http://dtto.net/docs/comcast-guide.pdf
- ↑ http://dtto.net/docs/paypal-guide.pdf
- ↑ http://en.wikipedia.org/wiki/Stored_Communications_Act
- ↑ http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32006L0024:EN:NOT
Acknowledgement
The text was originally adopted from the newsletter of RiseUp.net
