Microsoft Says It Never Meant To Knock Cryptome Offline

CWmike writes "Microsoft withdrew on Thursday its demand that Cryptome.org yank the 'Microsoft Global Criminal Spy Guide' document from the site, and said it had never intended for the whistleblower's domain to be knocked off the Web. 'In this case, we did not ask that this site be taken down, only that Microsoft copyrighted content be removed,' said a Microsoft spokeswoman. 'We are requesting to have the site restored and are no longer seeking the document's removal.' The document, a 17-page guide to law enforcement on how to obtain information about users of Microsoft's online services, including its Windows Live Hotmail, the Xbox Live gaming network and its Windows Live SkyDrive storage service, was published by John Young, who runs Cryptome.org, on Feb. 20. Earlier this week, Microsoft demanded that Young remove the document from his site, citing the Digital Millennium Copyright Act. When Young refused, his Internet provider shut down the site, and Network Solutions, the registrar of Young's domain, put a 'legal lock' on the domain name. The last prevented him from transferring the URL to another ISP. Computerworld blogger Preston Gralla dug into the document today in his 'Leaked Microsoft intelligence document: Here's what Microsoft will reveal to police about you' post."

Fun to hate on MS but...

[slimjim8094]

I'm no fan of Microsoft, but I think they've handled this whole situation correctly.

There's no indication that the document in question was *not* copyright by Microsoft. In this case, the correct legal action is a DMCA, same as if you had a movie up on your site. NetSol is just being a dick, as usual - it's not their responsibility to screw with the domain over the dispute between 2 third-parties unless legally required to (I don't think that's the case here).

In any case, when Microsoft saw how this was about to go all Streisand on them, they decided correctly that it wasn't worth the fight.

I believe them when they said they didn't intend to take Cryptome down. Looks like it was just NetSol being... proactive. So really the only thing they'd be at fault for was sending a DMCA, which is clearly within their rights. They probably have underlings scouring the web and sending DMCAs - so they were probably not delibrately targeted. When it had unintended consequences, they withdrew it.

I don't think MS is at fault here. I actually think they acted quite exemplary.

Re:Fun to hate on MS but...

[malloc]

I don't think MS is at fault here.

Perhaps not at fault (though when PR says "we didn't do anything" you never know if there was a nudge, nudge, "if you want our business I think you know what we want" message to NetSol). Regardless, NetSol sure is at fault!

 

I actually think they acted quite exemplary.

Whoah! You're saying that it is exemplary for a company to actively hide from users the steps it will go through to give personally identifying information about those users to law enforcement? This is only "exemplary" as an example of what not to do. One of John Young's points was that there isn't a legitimate reason to hide this information from users; many other companies do not hide this information, and neither should Microsoft.

All Service Providers Should Have A Clear Policy

[EXTomar]

This stuff shouldn't be shocking to anyone: By law, they will reveal certain things about online services when requested. The problem should be that they don't want you to know what they are forced to give up which seems to be the wrong stance. These services should be function like a bank safety deposit box: Although private, it isn't legally sacrosanct and will be opened by third parties for inspection in certain circumstances.

If nothing else, all of these online services to have a general policy about this as well. If I suddenly croak, who gets access to stuff I stored out there online? Putting the password and other access information in a vault somewhere isn't reliable or sane. I may even state it in my will that I want my immediate family to take ownership of all of my online information but I have no idea how to compel Microsoft or Google or whatever to release these accounts to someone else. This seems like one of those areas all service providers should be better at defining instead of hiding the detail from us in the legalese of the EULA.

Wait wait wait.

[twidarkling]

I think you're on the wrong site. I mean that was a well-reasoned, even-keeled reply in a Microsoft article. Are you sure you're supposed to be on slashdot?

In any event, I agree. I don't approve of the DMCA as it currently exists, but it certainly wasn't being abused in this instance, and Microsoft withdrew it quickly after Cryptome was knocked off. *shrug* Story's pretty much over.

Re:Wait wait wait.

[FlyingBishop]

It seems pretty clear to me that some lawyer at Microsoft screwed up. I do not think that this was a justified use of the DMCA. Just because Microsoft quickly withdrew it does not make the original action proper. The DMCA is for preventing the copying of things that a company offers for sale.

This document, I would say, is more of a trade secret than a work you can seriously copyright.

Re:That's the DMCA for you...

[RightSaidFred99]

If you didn't know there was a law enforcement back door in everything Microsoft does, well, here's your proof.

Who didn't know that? Seriously who doesn't understand that the legal system has provisions to force _any_ company to release _any_ data they have about you?

Re:Who gave Network Solutions a badge?

[sopssa]

Still makes me wonder why the guy got both domain and hosting from the same place. There has been countless of cases with such issues before, either for the host locking domain too (like here) or giving trouble if you want to move hosting elsewhere but keep the domain. Network Solutions, like GoDaddy's, main business is domain registration anyway, not hosting.

Get the domain from a reputable registrar and then hosting from reputable hosting company.

Re:Hell is getting cold`

Microsoft finally has the competition it needs in areas outside of their "core business PC" market to make them need to have a decent image.

Specifically they want to be competitive in search, social networking, on-line gaming and other areas that kinda-sorta require the trust of their end users. If your end users don't trust you, and they have options, they'll just go somewhere else. This story was making it look like Microsoft had something to hide with this law enforcement guide (which it actually doesn't look like they did - it seems like a straight-forward "here's what you need to provide if the cops come with a court order" document) and it was making it look like Microsoft was incompetent (Streisand effect). Neither of which engender "trust" in the public.

Microsoft is already fighting an uphill battle on the trust issue - years of being the biggest monopolistic bully on the block has a tendency to erode trust in your company and make people root for a David to knock you down a peg or three. People have been rooting against Microsoft for decades and while it seems like for a good long time MS just didn't care what other people thought about them, it's beginning to look like they're realizing that they NEED to care what people think of them. For real this time, and not just through a stupid marketing campaign.

Re:Who gave Network Solutions a badge?

[dch24]

However, the domain was effectively disabled - recovery through transferring the domain name was disabled by the Legal Lock.

It is not like John Young was in a dispute over the domain ownership. The Legal Lock was put in place incorrectly IMO.

You missed what's incorrect & newsworthy about

[billstewart]

MS wants to suppress one file, JY refuses, MS sends DMCA letter to Netsol requesting taking down the one file. That's mildly newsworthy because it's cryptome and MS, but that's not the big event. Netsol took down the whole site, not just the one file, which is especially newsworthy because of the importance of cryptome and because it exceeds their requirements, and then Netsol the Registrar locked the domain name, which isn't at all required, and is newsworthy because they're locking domain names for non-domain-related reasons.

And MS is saying "sorry" not only because JY asserted his rights to dispute the DMCA takedown and thousands of people yelled at MS, but because MS is getting blamed for Netsol's overkill overreaction.

Re:Analysis of Statement

[urulokion]

DMCA takedown provisions don't say take down the entire site. The DCMA ways to deny access to the contested content. In this case it was ONE file on a very large web site.

They way a take down is supposed to work is this.
1) Copyright holder sends DCMA take down notice to the hosting company.
2) Hosting company to get a legal safe habor must deny access to the material specified in the take down notice.
3) The party that posted the material can file a counter-notice to the service provider.
4) The server provider then must restore access to the contested material within a period of 10-14 business days.
5) During that 10-14 period allowed the copyright to go to a court and request a Temporary Restraining Order to keep the contented material offline. And then file a lawsuit against the party which posted the material online.

The idea is allow the material to removed quickly from the Internet by the copyright holders to theoretically reduced the damage. And the take down period for the copyright holder to get the restaining order to keep the material offline. And the counter-notice is to notify the hosting provide to say "I'm in the right, put that material back up." And the hosting provider is off the hook from any copyright liability.

Re:Openness

[Fluffeh]

http://cryptome.org/ is back up and has dozens of different companies similar documents from the likes of yahoo, facebook, paypal, myspace, aol, skype, et al.

Since coming back online he has made all of those available at the top of his website because of the interest generated from his temporary censorship.

Hello, Ms Streisand, is that you? I have Mike Masnick on the phone. He says it's important.

If you don't get it click here and join those that do.

Re:Openness

[TubeSteak]

While in contrast, in my understating, for example Google keeps even deleted email somewhere in their networked file system for many many months.

All MS said is that law enforcement can't have e-mail that isn't active in your account.
That isn't the same thing as "we delete everything".
I'm not sure any large e-mail provider can promise that your deleted e-mails are instantly deleted from all backups/mirrors.

Re:Who gave Network Solutions a badge?

[laughingcoyote]

Permission is not required in the instance of fair use. In this case, he was distributing something that was technically copyrighted, but is not in itself a commercial product, and was clearly distributed for the purpose of commentary, criticism, and public interest. Fair use is ultimately only determined by a court case, but those are all strong factors in favor of it.

Re:Openness

[wealthychef]

Thankfully for us most corporations and governments don't realize this. If MS had done nothing the majority of people would have never read this because most people don't visit cryptome or other whistleblowing websites on a regular basis.

I'm not sure it's that they don't realize it. I think it's more complicated than that. First of all, corporations and governments don't "realize" anything, as they are not alive. Anthropomorphizing them leads to errors in analyzing and responding to their actions. "Punishing" them or getting angry at them is a mistake, as they have no feelings.
What is probably happening is that individuals within the corporation responsible for hunting down violations of copyright are not particularly tuned in to the idea of freedom of information for some reason. The only counter-valence to this would be if there were other individuals reviewing their actions who ARE sensitive to that issue or at least the politics of that issue.
This reminds me of the interplay between risk managers and floor traders in large banks, or engineers and managers in large companies, or lots of other examples.