Sunday, 7 February 2010

A look at data retention and law enforcement

Ever since Cryptome was shutdown via a DMCA request by Microsoft, I have been itching to compile a small table that shows how long it should normally take before a popular online service deletes your account. This really applies to just American law enforcement officials, but I am certain that the rules for data retention are the same internationally barring any privacy laws.

So if you're looking to disappear or choose "the right service", this may be a handy little guide to show you how long it takes before your "private" data is deleted off of these systems. This is not a guide on how to delete your items off of these services for the purposes of thwarting law enforcement, but rather a guide to show you how these companies are engaging in data storage.

And for the record: I have been following Cryptome for years and if you're not making it a part of your daily digest, you should.

Quick glance at how the services work themselves out



This is a rough guide on how long these companies will store the data before certain conditions are met. Links to the appropriate guides are also included.












ServiceDateData periodProfile deletionMail deletionEOL deletionDownload
Windows LiveMar-08365 days120 days *120 days365 daysMicrosoft-Spy.pdf (1.7 MB)
AOLSep-08Indef. ***n/aIndef. ***n/aaol-spy.pdf (330 KB)
Yahoo!Nov-0830 days min.n/a4 months18 monthsyahoo.PDF (124 KB)
FacebookFeb-0890 daysn/an/an/afacebook.PDF (167 KB)
MySpaceJun-0610-90 days **n/a30 daysn/amyspace.PDF (53 KB)
Paypal/eBayn/a2 yearsn/an/an/apaypal-guide.pdf (930 KB)
SkypeOct-07n/an/an/an/askype.PDF (27 KB)
MyYearbookn/an/an/an/an/amyyearbook.PDF (34 KB)
StickamSep-0890 days-indef.n/a90 days ****n/astickam.PDF (236 KB)


* As per Microsoft: "If the associated [Windows Live ID] is not used for 365 days from the first day of the 120 day inactivity period, then the associated [Windows Live ID] is deleted." A further explaination is provided later.
** Data is deleted after 10-days unless law enforcement are involved with the account. IP address information is retained for 90-days, however.
*** AOL's statement about data retention is anywhere between 3-days and infinity. A further guide is provided later.
**** User generated content is kept for up to 90-days, but they make mention that the data may still be retrievable.


I made an effort to note down the dates that these documents were supposedly created. With that said, the MySpace guide may be slightly different now than when it was first released. The same probably goes for the rest, especially Skype; but I would wager that any released in 2008 are similar to what they are now.

Some of these documents provided zero information regaridng how long their data retention periods were while in the case of AOL and Stickam, it may be anywhere between 90-days and indefinite. If you go over these documents and then find an error in this document, let me know.

Microsoft and Yahoo! are the only ones who provided an apparent end-of-life for an inactive account. Once the account has been inactive for that period, the data is supposedly deleted permanently. AOL states that it is 120 days for an e-mail account, but doesn't specify for other services.

Lastly, these documents were taken straight from Cryptome. I am not the originator of any of these documents and I am not aware of who leaked them out.

Microsoft's Windows Live service



Besides being the reason for Cryptome's brief downtime, their document is probably the most clear. As well, seeing that they tried to have it yanked off the website in the first place, it's probably up-to-date.

There appears to be a great deal of effort put into explaining how they keep their data as obviously the average law enforcement official isn't likely to be knowledgable in these areas. On top of that, they also provide an interface for these officials to interact with and retrieve data.

Here's how the data retention works for the Windows Live Mail (aka "Hotmail") service:


  • Account Creation - User must sign in within the first 10 days to keep account active.

  • Account will become inactive after 30 days of inactivity. No e-mail content is deleted but the account will not receive e-mail.

  • If account owner does not sign in after 120 days of inactivity, all e-mail is deleted and the account becomes a Windows Live ID only account.

  • If the associated WLID is not used for 365 days from the first day of the 120 day inactivity period, then the associated WLID is deleted.

  • After 365 days of inactivity, the account name is recycled and is available for creation by another customer.

  • Users may self delete an account at any point along this process. The 30 day inactivity period is canceled if someone tries to create the same account name ~or~ attempts to access it. Between 120 and 365 days, users can recreate an e-mail mailbox.



This is really straightforward when compared to the other services--Yahoo! is the only other service that comes close. Live Spaces and MSN Groups works like this:

What Records are Retained and for How Long?
Windows Live Spaces: Only the owner of a Windows Live Space can upload content (e.g. images, documents, videos), and when they do so, the IP address and date and time is also captured. In addition, if someone posts a comment to the blog, Microsoft captures the text of the comments as well as the IP address, date and time of upload and the nickname. These transactional records are retained for 90 days.
MSN Groups: When a manager or member of an MSN Group uploads content, Microsoft captures the IP address and date and time of content upload. These transactional records are retained for 60 days.


Xbox Live data retention isn't very clear, but they do make the point that since the volume of data that goes through that service is rather significant, they want specific time periods. Here's a screenshot that'll show a Gamertag's online activity:


Other images are provided in the document, but this one is the most clear and easiest to adjust.


The document makes mention of other services such as Office Live and SkyDrive. However, no mention is made about retention of data on either of these services.

AOL services



Thanks to AOL's infinite wisdom of sucking up everything and anything on the Internet in the late-90s and early-00's, data retention is anywhere between 3-days and indefinite. My guess is that thanks to the umpteen amounts of branding and the lack or poor attempt of synergy, nothing is easy to explain.

Just to make it clear how messed up AOL is, here are their properties:

  • AOL

  • Compuserve

  • ICQ

  • Netscape

  • AOL Instant Messenger (AIM)

  • AIM.com

  • Xdrive

  • MapQuest



Unlike the other documents, this particular one provides contact information for their Canadian offices in Toronto--kind of unusual and pointless to mention, but.

Before I dive into the complexity of the e-mail service, here are the retention periods for their map service and their instant messaging service:






ServiceData periodIP Logs
MapQuest45 daysn/a
ICQ90 days90 days
AIMn/a90 days


Now for e-mail. Besides what is in the table, AOL's documents does state that 120-days of inactivity (by not logging for 120-days) will result in account deletion.












 Compuserve 2000AOL Mail *
Inbox (New) **27 daysIndefinite
Inbox (Unread)27 daysIndefinite
Read27 days ***Indefinite
Sent27 daysIndefinite
Deleted24 hours7 days
Spam (Unread)n/a5 days
Spam (Read)n/a1 day
Saved Mailn/aIndefinite
Webmail sessions ****
90 days




* Includes both free and paid accounts.
** E-mails marked as "unread" but have been previously opened.
*** As per the document: "3 to 7 days after it is read, or 27 days from deposit (whichever is less)".
**** These are IP connection logs.


This is probably as clear as I am going to make it.

Interesting notes from MySpace



Here's an interesting bit from the MySpace guide (section D, part 2):


  1. Deleted Accounts

    1. Basic user identity information, stored user files, and general records:
      User identity and date in the user profile is generally available for up to ten days after account deletion. Other stored files, such as photos, may be lost at the time of account deletion.

    2. IP address logs
      User ID, IP Address and Login date stamps are retained for up to 90 days after account deletion.

    3. Private user communications:
      No mail (inbox or sent mail) is available for deleted accounts.






Now, before you start thinking that once you delete a MySpace account that it becomes permanently gone afterward, you'll have to read the part that comes in the next section (section E):

MySpace will honor requests by law enforcement to preserve information in accordance with 18 U.S.C. § 2703(f). In response to such requests, MySpace will preserve the specific information identified in the request for 90 days, and for an additional 90 days if the law enforcement entity requests the original period be extended.


So obviously if you're thinking your data is safe in 10-days, it may not be if you're already under investigation.

Paypal/eBay and stolen items



In the scanned document that was released via a leak from Paypal, there is an interesting approach to stolen items.

eBay has partnered with L.e.a.d.s.online to make certain listings and eBay user data available to law enforcement immediately to assist in their investigations. These services are available 24/7 to registered L.e.a.d.s.online customers. L.e.a.d.s.online offers two separate services to assist law enforcement in eBay Investigations: eBay site search and Internet (eBay) Drop-Off Store Search. Visit www.leadsonline.com for more information.
Turnaround Time: Immediate.


From what I can see here, it's unlikely that law enforcement will go to extreme measures to get information on something selling stolen items--like that it is uncommon on eBay in the first place.

With all of that said, eBay will only hold data regarding contact details and transaction history (albeit limited) for a maximum of 12-months after the request and only going back 12-months from that start.

Skype



Being that Skype is a VoIP/IM service with PSTN functionality, having a look at this guide produced no surprises. However, there are a few things from the document that you'll want to keep in mind. Here's an excerpt:

  • Due to the way by which Skype works, Skype does NOT have any records of user "logins", "log offs" or other general online/offline status

  • The Skype system is designed in such a way that voicemail is not centrally stored

  • Calls, IMs and other activities between Skype users do not create billing records



As you had seen in the initial table, there is no information regarding how long Skype keeps its records on file.

Yahoo!



Yahoo! was nice enough in their document to outline their data retention periods in a convenient table! This is copied verbatim from their document.













Record TypeAccessible for?Purged After?
Subscriber InformationAs long as account is active18 months of inactivity or 90 days if subscriber self-deletes account
Account Log-in IP addressesUp to one yearN/A
Email (free or premium)As long as user chooses to keep it4 or more months of inactivity depending on how long user's account was open
Flickr Account Contents, including Flickr EmailAs long a account is active (Email stored as long as user chooses to keep it)Upon deactivation of account
Groups - Activity LogsLife of the GroupMinimum of 30 days after termination of Group
Groups - ContentLife of the Group (only current version of Group stored; not past versions)Minimum of 30 days after termination of Group
Chat/Instant Messenger Logs45-60 daysN/A
Web Messenger Contents
(Yahoo! does not store contents of communications sent via the downloadable Messenger client)
As long as user chooses to keep itN/A
GeoCities, Domains, Web-hosting - Activity Logs and ContentAs long as website or domain is activeMinimum of 30 days after termination of website or domain
ProfilesAs long as the Profile is activeMinimum of 90 days after deactivation


Of course, the Geocities part doesn't apply anymore because it's now closed.

And just a bit more on data preservation from the document:

Will Yahoo! preserve information?

  • Yahoo! will preserve subscriber/customer information for 90 days. Yahoo! will preserve information for an additional 90-day period upon receipt of a request to extend the preservation.


  • If Yahoo! does not receive formal legal process for the preserved information before the end of the preservation period, the preserved information may be deleted when the preservation period expires.



Honestly, Yahoo is probably the most cut and dry out of the bunch after Windows Live.

Closing



Hopefully this will help you choose the right service. I'd love to get my hands on Google's data retention policies, but I guess we'll have to wait and see.

3 comments:

  1. DreamHost is definitely the best web-hosting provider for any hosting services you might need.

    ReplyDelete
  2. Storage equipment may either access a removable recording medium or a permanent component to store or retrieve information. It provides sequential access storage, unlike a disk drive, which provides random access storage. Self Storage

    ReplyDelete