Allegedly acting as proxy for law enforcement, intel agencies
By Michael Carl
Yahoo.com is allegedly spying on its customers and acting as a proxy for U.S. law enforcement and intelligence agencies.
According to Wired.com, Yahoo also charges the agencies for the information. That means U.S. citizens’ tax dollars are being used by federal agencies to pay for information gathered in Yahoo’s spying.
A Yahoo customer who asked not to be identified became suspicious of Yahoo’s operations when the image below appeared on his screen while downloading his e-mail.
John Young, who runs the website Cryptome.org, believes the Internet giant is gathering data from customer e-mails for possible disclosure to U. S. law enforcement and intelligence agencies.
Young says Yahoo has a standard operating procedure for e-mail data mining spelled out in the Yahoo Law Enforcement Compliance Manual. Young has posted a copy of Yahoo’s manual on his Cryptome.com website.
Yahoo and its Washington, D.C.-based legal counsel, Steptoe and Johnson, have not responded to WND requests for comment.
The manual says Yahoo records the IP address of any computer involved in a Yahoo e-mail exchange.
“Every message sent by a Yahoo! mail user contains the originating IP address in the header,” the Yahoo manual says. “That is, Yahoo! records the IP address of the computer that was used to send the email, and Yahoo! inserts that IP address in the header of the message. Accordingly, if law enforcement is seeking to determine the IP address from which a Yahoo! e-mail was sent, Yahoo! will have no additional information other than what is visible in the message itself.”
The manual continues.
“The relevant line from the header will generally look like this: Received: from [18.104.22.168] by web41705.mail.yahoo.com via HTTP; Fri, 05 Sep 2003 07:30:05 PDT
“In this example, the IP address in brackets corresponds to the computer from which the message was sent,” the manual states.
Section V of the Yahoo compliance guide says:
“Yahoo! generally will accept service of court orders, search warrants, and criminal grand jury or administrative subpoenas for the production of documents by fax from government entities.”
Then there’s this paragraph a few lines later in the same section:
“Yahoo! will ask law enforcement to certify that the prior or delayed notice provisions have been satisfied if contents are sought with legal process other than a Search Warrant.”
“…with legal process other than a Search Warrant.”
An intelligence analyst and private terrorism investigator who asked not to be named, believes this phrase is key in Yahoo’s willingness to turn over e-mail contents to U.S. intelligence agencies.
Young stands by his actions and what he has written about Yahoo’s surveillance. He believes the public material may be a diversion for deeper surveillance.
“What remains unclear is what are other arrangements between Yahoo and law enforcement and intelligence agencies that are not covered by publicly available material. It is more than probable that the publicly available material diverts attention from these other shenanigans,” Young observes.
He adds that other Internet providers are also involved in surveillance.
“Yahoo is not alone in these customer transgressions, the deceptive practices are widespread among telecommunications and IP providers,” Young asserts.
A story on Mathaba.net states, “Cox Communications, SBC, Cingular, Nextel, GTE and other telecoms and Internet service providers,” or ISPs, are involved in federally sanction data collection.
Young also believes media haven’t done a good job reporting the abuses.
“There’s an abysmal neglect of what the ISPs, OS (operating system) producers, network operators, data farmers and search engines are up to with customer data displayed on the computer screen.”
Yahoo’s legal counsel, Steptoe and Johnson, has contacted Young, acknowledging the compliance guide’s existence and how it facilitates Yahoo’s participation in intelligence and law enforcement investigations.
The letter posted on Cryptome.org reads.
The letter concludes with a threat of legal action.
The series of letters is posted on the Cryptome.org website.