"Lawful Spying" Price Lists Leaked

ogaraf writes "Wired has a story about how the site Cryptome.org leaked the price lists for 'lawful spying' activities of Yahoo and other companies, and subsequently received a DMCA takedown notice from Yahoo. The documents, however, are still posted online, and in them you can learn, for instance, that IP logs last for one year, but the original IPs used to create accounts have been kept since 1999. The contents of your Yahoo account are bought for $30 to $40 by law enforcement agencies."

You've got to be kidding me

I like the part where Yahoo complains that the leaking of the document could "shock" its users and damage its reputation. Shoulda thought of that earlier, huh?

Re:You've got to be kidding me

[Dreadneck]

I like the part where Yahoo complains that the leaking of the document could "shock" its users and damage its reputation.

I AM shocked!

Only $30 per? Really?? Violating my privacy is bad enough, but the insult to my dignity is despicable!

Come on, guys! You're billing the government! Add some zeroes for fuck's sake - it's not like you're billing Medicare!

Re:You've got to be kidding me

[bill_mcgonigle]

I hate corporations. I hate them with every fiber of my being.
Although I still like them better than government

Corporations are legal fictions created by governments, so no need to feel conflicted. It's what makes regulatory capture so poisonous, and kills the negative feedback required for a balance of power.

But, hey, what's destroying a system of government or two when there's a Rockefeller empire to be made in oil?

Re:You've got to be kidding me

[Dreadneck]

True, but in my defense I was more focused on getting a +5 Funny .

Re:You've got to be kidding me

[negRo_slim]

Some of us have brains and skills to not need corporations.

Never mind the multitude of corporations responsible for the manufacturing of your computer... Or the ones running your network connection... Nope, don't need corporations at all. Build everything with my own two hands from scratch!

Re:You've got to be kidding me

[PopeRatzo]

If we allow corporations as legal persons they should be subject to dissolution for certain abuses.

This is an extremely important point, especially in the US right now. Our Supreme Court is arguing whether a corporation can give unlimited amounts of money to a political candidate. The argument is that if a corporation is considered to be a person, and holds all the rights of a person, then that should include the right of free speech, and money equals speech, so therefore they should be allowed to give unlimited funds to a candidate. Forget for a moment the amount of logical acrobatics required to accept that argument, what it comes down to is that the corporations have the money, thus they must be allowed to have all the power. Any chance of separating corporate wealth from political power hinges on this decision by the Supreme Court. If it finds for the corporations, there will never be another official elected on a national level that does not hold the interests of one or more corporations above the interests of the people or the Nation.

Unfortunately, the broad range of civil rights granted to corporations-as-persons does not come with the same responsibilities, both moral and legal, that are required of the flesh-and-blood type of persons. For example, we are brought up in the US to believe there is great shame in declaring bankruptcy, and that anyone who walks away from a mortgage that is "upside-down" or "under water" should be branded with the sign of shame. Yet, in the corporate world, bankruptcy and default are common, an accepted part of doing business. It is not only acceptable for a corporation whose liabilities outweigh its assets to default on its obligations, but it is considered "the right thing to do" to preserve capital. No shame, no harm, no foul. A company that has defaulted can "reorganize" and come back as if nothing has happened. But if someone who owes half a million dollars on a house that's worth $200k and drops the keys in the mailbox and walks away must be shunned and receive no help, lest it create a "moral hazard" (yes, that's the term the actually use).

The fiction that a corporation deserves all the rights as a person, or should even be considered a person in any legal sense at all, is one that will continue to damage the future of the US, perhaps permanently. The problem is, the only people who could possibly stop this insanity, are funded primarily by corporate dollars. It appears to be an intractable, maybe fatal flaw in our system.

Tempest in a tea cup

[jpmorgan]

If you actually read the documents (I know, that's too hard), you'll see that this is a list of information Yahoo! can provide in compliance of subpoenas, search warrants and court orders.

Oooh, if the cops get a search warrant, they can look at your Yahoo! friends list. It's the end of liberty as we know it!

Re:Tempest in a tea cup

The privacy intrusion does not start with the search. It starts with retaining the information.

Re:Tempest in a tea cup

[dkleinsc]

The really interesting part about National Security Letters is that they're fairly obviously unconsitutional, but were designed in such a way that the judiciary would never rule on their constitutionality. By making it a crime to reveal that you've received an NSL, you make it impossible for anyone to demonstrate that it existed in the first place, and thus prevent anyone who was targeted by them to establish standing to sue. So if someone tries to challenge it, the executive branch can argue correctly "You can't prove an NSL existed, therefor you can't prove you were harmed by NSLs, therefor you have no reason to sue".

I just wish more of the Senate had understood what was really at stake and followed Sen Russ Feingold's (D-WI) lead. Because what was actually going on was that the executive succeeded in shutting out the judiciary from the judicial process.

Wikileaks

[yamamushi]

It's a good thing it's already been archived on WikiLeaks http://wikileaks.org/wiki/Yahoo_compliance_guide_for_law_enforcement%2C_23_Dec_2008

Since there is no copyright notice...

... or other confidential markings in this document, I don't feel there is any reason not to public disclose this document all or in part. In fact, I will do that just now...

For email:
"Yahoo! retains a user’s incoming mail as long as the user chooses to store such messages in their mail folders and
the user’s email account remains active. Yahoo! retains a user’s sent mail only if the user sets their email account
options to save sent mail and has not subsequently deleted specific messages."

For messenger:
"For Yahoo! Chat and all forms of Messenger, Yahoo! has log information regarding the use of the services. Yahoo!
maintains a “Friends List” for users of Yahoo! Messenger and can determine from its logs the time and date that a
user logged into Messenger or Chat (in the prior 45-60 days) and the IP address used. Yahoo! also can retrieve
from its Chat and Messenger logs the names of the chat rooms that the user accessed and the Yahoo! IDs of the
other people with whom a user communicated through Messenger during the prior 45-60 days. In order to search
these logs, a Yahoo! ID and a specific time frame, preferably no more than three days, must be provided."

For flickr:
"If provided with a Yahoo! ID, Flickr URL, or Flickr NSID, Yahoo! has the ability to produce subscriber information for
the account-holder. As long as the Flickr account is active, Yahoo! has the ability to produce content in the account
– with associated upload IP addresses and date and time – as well as the email and Groups information for the
account."

For groups:
"Yahoo! maintains information about Group moderators, as well as an activity log for each Group. The Group activity
log is a transactional log that indicates when members have subscribed or unsubscribed from the Group, posted or
deleted files or polls, or other similar events. Not all Group activities are logged, however. For example, the reading
of messages or downloading of files or photos is not logged.
Although the Group Message archive maintains messages sent to Group members, the message archive does not
contain any attachments to the messages. Yahoo! does not maintain those attachments in any form.
For current Groups, Yahoo! retains information relating to the moderator, members, and the active contents of the
Files, Photos, and Messages sections. If a Group has been deactivated or deleted, information about the Group
may be preserved for approximately 30 days, after which the information may be deleted."

For geocities and other premium web services:
"For web-hosting
and domains, Yahoo! will have basic Yahoo! registration information about the user who posted the page. Yahoo!
also will have the active files that the user has uploaded to the website, including the date on which the files were
uploaded, and the domain-based email that is available to the user. Deleted email is not available."

And here is how much it costs:
" Basic subscriber records: approx. $20 for the first ID, $10 per ID thereafter
    Basic Group Information (including information about moderators): approx. $20 for a group with a
    single moderator
    Contents of subscriber accounts, including email: approx. $30-$40 per user
    Contents of Groups: approx. $40 - $80 per group"

Re:Get what you pay for

[colourmyeyes]

"Nothing to hide" is not an argument at all. Based on your response, you'd probably find this interesting reading:

'I've Got Nothing to Hide' and Other Misunderstandings of Privacy -- Daniel J. Solove

Cheers