Police Exposed for Being Able to Access Facebook, Microsoft and AOL in Leaked Confidential Documents

Sophie Webster, Tech Times 27 March 2022, 12:03 pm

The law enforcement guidelines that tell police what types of user data are stored, what procedures to use to access them, and how long they are retained have been leaked.

A few types of requests, for emails less than 180 days old, for example, tend to require police search warrants so they can access them.

In general, the basic subscriber information can be disclosed as long as there is a subpoena, and a court order is needed to get more extensive information.

Highlights of Each Social Media Company Policies for Police

For Blizzard, the logs of internet protocol addresses are kept indefinitely. According to the gaming company behind "World of Warcraft," sent mail is not retained, and deleted mail messages are also not retained, according to CNET.

For Facebook, an earlier version of the social media company's manual from 2008 said that the IP log data is generally retained for 90 days. The statement is missing from the newly-released 2010 version, indicating that Facebook can now store data longer.

Also Read: Microsoft Swiftkey Receives New Feature That Copy, Paste Data Between Android and Windows 10

For Microsoft or MSN, Hotmail IP logs are kept for only 60 days. MSN TV's Web site logs were stored for only 13 days.

No logs were saved for conversations through the chat rooms in MSN and MSN instant messenger. The leaked document is from April 2005, which means it may have changed through the years.

For AOL, the IP logs for the AIM and ICQ messaging services are only stored for up to 90 days. The customer logs are only kept for six months. All AOL email, including from portals such as AOL.mx, AOL.ca, and AOL.fr, is stored in its Northern Virginia data center.

The manuals for Microsoft, Blizzard, and AOL were leaked as part of a recent data dump from the infamous hacker Anonymous. The 2010 Facebook manual was posted by PublicIntelligence.net.

The most extensive collection of law enforcement guidelines has been assembled by a retired architect who runs the Cryptome.org document, John Young.

Microsoft's Attempt to Remove its Law Enforcement Manuals

After the law enforcement manuals for Windows were leaked on Cryptome in 2021, Microsoft has attempted to remove it online using the Digital Millennium Copyright Act. The DMCA complaint was withdrawn a couple of days later, according to VOX.

In July, a House of Representatives panel voted to require Internet providers to store the names, phone numbers, addresses, credit card numbers, bank account numbers, and temporarily-assigned IP addresses of customers.

Previous Justice Department proposals envisioned forcing social networking sites to keep records for a couple of years of who uploads which pictures of videos. In 2011, Facebook posted its law enforcement guide in its help center.

After Facebook posted its law enforcement guide, it was revealed that there was no mention of how long the data is retained.

However, Facebook is taking a more privacy-protective stand than some other companies and insisting, as its membership in the Digital Due Process or DDP coalition might suggest, that the search warrants are needed for the stored contents of any account.

In 2017, Facebook updated its policy to ban devs from accessing its data.

In 2020, Microsoft banned face-recognition service to police.