Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cooperating with Internet Service Providers OSCE, Vienna, 24 th October 2008.

Published byGeorgiana Bradford Modified over 8 years ago

Similar presentations

Presentation on theme: "Cooperating with Internet Service Providers OSCE, Vienna, 24 th October 2008."— Presentation transcript:

1 Cooperating with Internet Service Providers OSCE, Vienna, 24 th October 2008

2 2

3 Upcoming activities around public/private partnerships Law Enforcement trainings Germany (March), Egypt (H2), Europol (Dec.) Cybercrime legislation Guidelines on industry/LE cooperation (European Commission, Sept.), Judges trainings Romania (Oct.), Turkey (Oct), Egypt (H2) Child Online Safety events Italy (Nov.), Council of Europe (Dec.), Estonia (March) 3

4 Main next steps Enforcement against Lottery Scams International conference, October European Financial Coalition Combating sale of pictures of sexual abuse of children, Q2 Industry visit to University College Dublin Creating a curriculum for law enforcement, Industry visit Council of Europe Cybercrime Conference Global cybercrime conference 4

5 Microsoft Services Microsoft Confidential For Law Enforcement Use Only

6 Microsoft E-mail Services Many different domains: – @hotmail.com – @msn.com – @live.com – @windowslive.com Country specific domains:.co.uk,.fr,.it,.de,.es,.th,.tk,.co.jp – @hotmail.co.uk Currently all e-mail service data is stored in the U.S. even for country specific domain name accounts. Microsoft Confidential For Law Enforcement Use Only

7 Windows Live Messenger : Instant messaging or chat Microsoft Confidential For Law Enforcement Use Only

8 Office Live Set of online services for small businesses – Office Live Small Business – Office Live Workspace Provides: – A domain name Example: www.northwindtraders.comwww.northwindtraders.com – E-mail accounts with the domain name : Your.name@northwindtraders.com – Web hosting and website design tools Web address: http://officelive.comhttp://officelive.com Microsoft Confidential For Law Enforcement Use Only

9 Evidence to solve a computer crime is often in the possession of ISPs Computer crime is frequently committed through the Internet, over equipment owned by Internet Service Providers ISPs posses evidence regarding the travel-path of data and who received it or stored it. 9

10 TYPES OF INTERNET SERVICE PROVIDERS 10

11 Access providers Providers of access to the Internet. Traditionally the Access Providers are phone companies that provide internet access over the phone network through dial-up service or DSL connections Access providers may provide evidence as to who was using a particular Internet address to connect to other computers Example : 11

12 Web hosting providers Web hosts provide space on an Internet server for clients to host a website or a file storage. The hosting company can provide evidence regarding who rented the web server and who accessed it Example : 12

13 Email hosting providers Email companies store the email content of users They will be able to provide evidence on who owns the email account and who accessed it Because of secrecy of correspondence the content of the email boxes can only be obtained through a Court Order Example: 13

14 Evidence identifying a network end- point IP (Internet protocol) numbers – Designate a network location which is often a geographical location but not necessarily a user identification. Proxy servers and NAT Network Address Translation Open access Wifi networks Internet Cafés 14

15 Reading E-mail Account Records – Registration Records 15 The “Registered From IP Address” is not provided by the user, but is captured by Microsoft’s systems. 15

16 Reading E-mail Account Records – IP Connection History 16  Microsoft retains e-mail account Internet Protocol (IP) connection history for 60 days.

17 Record Retention Policy, some examples 17

18 CASE STUDY: MICROSOFT CRIMINAL COMPLIANCE 18

19 ISP jurisdiction The ISP will have to take into consideration the laws of the jurisdiction under which it operates even when the legal request come from a different jurisdiction. Additionally ISPs need to consider the laws of the jurisdiction in which its servers are located should it not be the same as the jurisdiction of incorporation. 19

20 Obtaining evidence from ISPs like Microsoft Most ISPs have designated employees to respond to criminal compliance requests When receiving a request, a criminal compliance department will examine legal obligations under the jurisdiction of where the data is located and under the jurisdiction of the petitioner Because of the nature of MLATs, ISPs will usually receive court order from both of these jurisdictions Microsoft is following the recommendations of the Guidelines on cooperation between law enforcement and industry of the Council of Europe (April 2008) and of the European Commission (September 2008) 20

21 International Criminal Compliance 21

22 Legal Documentation Required Electronic Communications – Contents of Communications – To obtain electronic communications content (e-mail, including subject line), foreign law enforcement must follow the Mutual Legal Assistance Treaty (MLAT) or Letters Rogatory process. – Upon request, Microsoft will preserve content while the foreign government seeks disclosure through the MLAT/Letters Rogatory process. – Microsoft will accept a written request, signed by the international law enforcement agency, which specifies the information to be preserved. Upon receipt of an official preservation request, Microsoft will preserve data for 180 days. Microsoft will allow an extension of the original preservation for an additional 180 day period. Microsoft Confidential For Law Enforcement Use Only

23 CASE STUDIES International police cooperation Civil actions Criminal referrals

24 Zotob virus Zotob was a computer virus affecting hundreds of companies. It was allegedly written as a work for hire by two Moroccan individuals and used for economic gain by a Turkish individual. Arrests of the suspects was made possible by the exemplary cooperation between Moroccan, Turkish, and American law enforcement together with Microsoft investigations teams.

25 The Spam King Microsoft initiates civil proceedings against Robert Soloway, a.k.a. The Spam King. A civil judgment was rendered in 2005 awarding Microsoft $7.8 million in damages. Microsoft supplied evidence for the criminal proceeding and on March 14 th, 2008, Robert Soloway pleads guilty during a criminal procedure and faces 26 years in prison and $625,000 in fines. He is currently in prison awaiting sentencing.

26  Thank you!  Laurent MASSON  Director for Anti-Piracy and Internet Safety, Microsoft EMEA  lmasson@microsoft.com lmasson@microsoft.com

Download ppt "Cooperating with Internet Service Providers OSCE, Vienna, 24 th October 2008."

Similar presentations

UN Comprehensive Study on Cybercrime

UN Comprehensive Study on Cybercrime
Red Flags Rule BAS Forum August 18, 2010. What is the Red Flags Rule? Requires implementation of a written Identity Theft Prevention Program designed.

Red Flags Rule BAS Forum August 18, What is the Red Flags Rule? Requires implementation of a written Identity Theft Prevention Program designed.
State of play and activities in 2014 March 2014

State of play and activities in 2014 March 2014
Chapter Twenty Navigating the Internet. Objectives To learn about the history of the Internet To examine the infrastructure of our electronic world To.

Chapter Twenty Navigating the Internet. Objectives To learn about the history of the Internet To examine the infrastructure of our electronic world To.
INDIANA UNIVERSITY OFFICE OF THE VICE PRESIDENT AND GENERAL COUNSEL Indiana Access to Public Records Act (APRA) Training.

INDIANA UNIVERSITY OFFICE OF THE VICE PRESIDENT AND GENERAL COUNSEL Indiana Access to Public Records Act (APRA) Training.
Forensic and Investigative Accounting Chapter 15 Cybercrime Management: Legal Issues © 2007 CCH. All Rights Reserved. 4025 W. Peterson Ave. Chicago, IL.

Forensic and Investigative Accounting Chapter 15 Cybercrime Management: Legal Issues © 2007 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL.
John W. McReynolds Assistant Chief, New York Field Office Antitrust Division, U.S. Department of Justice Judicial Training Program Moscow, Russia July.

John W. McReynolds Assistant Chief, New York Field Office Antitrust Division, U.S. Department of Justice Judicial Training Program Moscow, Russia July.
Legal & Political Issues in International Computer Crime Investigation & Prosecution Jennifer S. Granick m.

Legal & Political Issues in International Computer Crime Investigation & Prosecution Jennifer S. Granick m.
Page 1 Presented Insp. Amos Sylvester Trinidad and Tobago Police Service.

Page 1 Presented Insp. Amos Sylvester Trinidad and Tobago Police Service.
INTERNATIONAL COOPERATION Daniel H. Claman Senior Trial Attorney U.S. Department of Justice.

INTERNATIONAL COOPERATION Daniel H. Claman Senior Trial Attorney U.S. Department of Justice.
Remarks of Kristen Pinhey Competition Law Officer Competition Bureau Canada Unannounced Inspections in Canada International Competition Network, 2013 Cartel.

Remarks of Kristen Pinhey Competition Law Officer Competition Bureau Canada Unannounced Inspections in Canada International Competition Network, 2013 Cartel.
Developing a Records & Information Retention & Disposition Program:

Developing a Records & Information Retention & Disposition Program:
Canadian*- US Law Enforcement Internet Governance Cooperative Efforts April 19, 2010 Marc Moreau Royal Canadian Mounted Police Robert Flaim Federal Bureau.

Canadian*- US Law Enforcement Internet Governance Cooperative Efforts April 19, 2010 Marc Moreau Royal Canadian Mounted Police Robert Flaim Federal Bureau.
TC2-Computer Literacy Mr. Sencer February 4, 2010.

TC2-Computer Literacy Mr. Sencer February 4, 2010.
OVERVIEW OF COMPUTER CRIME LEGISLATION IN HAWAII

OVERVIEW OF COMPUTER CRIME LEGISLATION IN HAWAII
Child Protection Register Ongoing consequences of child sex offences and offences relating to non-compliance.

Child Protection Register Ongoing consequences of child sex offences and offences relating to non-compliance.
1 From Filing Cabinet to Desktop and Network: Records Management in N.C. State Government Ed Southern Government Records Branch N.C. Office of Archives.

1 From Filing Cabinet to Desktop and Network: Records Management in N.C. State Government Ed Southern Government Records Branch N.C. Office of Archives.
Role of Technology in Combating Crime Against Woman and Children Presented by Detective Constable Janelle Blackadar Child Exploitation Section Toronto.

Role of Technology in Combating Crime Against Woman and Children Presented by Detective Constable Janelle Blackadar Child Exploitation Section Toronto.
Pennsylvania Child Protective Services Law: Module 4: Reporting and the Role of the Child Welfare Professional Transfer of Learning The Pennsylvania Child.

Pennsylvania Child Protective Services Law: Module 4: Reporting and the Role of the Child Welfare Professional Transfer of Learning The Pennsylvania Child.
The Internet, World Wide Web, and Computer Communication.

The Internet, World Wide Web, and Computer Communication.

Similar presentations

Ads by Google