Facebook Law Enforcement Guidelines

FACEBOOK CONFIDENTIAL AND PROPRffTARY

This guide describes the procedure for requesting data from Facebook, Inc. and

its corporate affiliates ("Facebook") along with the types of data available.

This guide is CONFIDENTIAL and contains Facebook proprietary information.

This guide cannot be redistributed without the express written permission of

Facebook. It is intended for law enforcement use only and is not intended to

create any enforceable rights against Facebook.

Facebook is continuously changing and reserves the right to change any of the

policies described below without notice. However, Facebook wil do its best to

inform law enforcement of any significant changes in the policies and/or

procedures in this Guide or by other means.

If this guide is more than 6 months old, please contact Facebook at

[email protected] for any updates.

V0909.2.AA

LAW ENFORCEMENT USE ONLY

page 1 of 11

FACEBOOK CONFIDENTIAL AND PROPRffTARY

Table of Contents

FACEBOOK LA W ENFORCEMENT GUIDELINES.. ............................................................1

ACCEPTABLE USE POLICY ........................................................................................................... 3

NON-CONTENT AND CONTENT DATA ...........................................................................................3

How TO LOCATE THE UNIQUE FACE

BOOK I.D. NUMBER................................................................... 3

HOW TO SUBMIT A REQUEST ......................................................................................4

DESCRIPTION OF AVAILABLE DATA................................................................................................ 6

User Basic Subscriber Information (B51).............................................................................. 6

User Neoprint....... ............. .................. ...... ..... ........ ..... ............ .............. .... ................... ....... 6

User Photo

print ... .................... ............ .................... ............ ........... ............................. ........ 7

Group Contact Info.............................................................................................................. 7

Private Messages. ......................... .......................... .................. ................ ...... ............. ....... 7

IP Logs .................................................................................................................................7

EMERGENCY DISCLOSURES.... ............. ................... ..... ............ ...... .......... .................. ......... 8

USER CONSENT................................................................................................................... 8

INTERNA TIONAL REQUESTS... ............ ...... ............... ....... .......... ............ .......... .................... 8

SPECIAL REQUESTS ........... ...... ........ .... ............ ...... ... ................... ............. ........ ........... ........ 9

FACEBOOK EMERGENCY DISCLOSURE FORM .................................................................. 10

SAMPLE FACEBOOK USER CONSENT LETTER ................................................................... 11

V0909.2.AA

LAW ENFORCEMENT USE ONLY

page 2 of 11

FACEBOOK CONFIDENTIAL AND PROPRffTARY

Acceptable Use Policy

Privacy

and Integrity are cornerstones of the Facebook application and company

philosophy. Our privacy settings allow an individual to control access to their data

on the site. We actively monitor the site for accounts that try and circumvent our

privacy features, either by technical means or by providing false profile

information. In accordance with our terms of service (see

http://www.facebook.com/terms.php). we wil disable any and all accounts,

including accounts that may belong to law enforcement, which supply false

or misleading profile information and/or attempt to technically or socially

circumvent our privacy measures.

Non-Content and Content Data

Facebook is bound by federal laws, including the Electronic Communication

Privacy Act, Title 18 U.S.C. § 2701, et seq. (ECPA).

Generally, a subpoena will provide you non-content related data. Non-content

data is the basic subscriber information (described below) of the Facebook

profile. Depending on the availability, the remaining data is considered content

and is subjected strictly to ECPA. Generally, a court order under §2703(d) will

provide limited content, for example, messages over 180 days, and a search

warrant will provide you with the remaining content. Further description of the

available data is found below.

How to locate the unique Facebook 1.0. Number

In general, data retrieval is based upon a Facebook user 10 or group 10 and/or

the associated user name or group name. When the Facebook 10 and

associated name are not available, an e-mail address(s) associated with the

account is often the most useful information for locating an account.

While Facebook may accept requests without these types of information, the

additional time required to identify a particular user account will delay response

substantially. In some cases, we may not correctly identify an account without

additional information. We may purge data as part of our normal operations

before we are able to identify a particular user or group if a user 10 or group 10

and associated name are not provided.

Facebook IDs are intrinsic in our URLs. If you have a subject's profile page URL,

you can find the 10 by looking for the string "id" in the URL and passing along the

number immediately following.

V0909.2.AA

LAW ENFORCEMENT USE ONLY

page 3 of 11

FACEBOOK CONFIDENTIAL AND PROPRffTARY

For instance, the user 10 for the following profile is "29445421 ":

http://www.facebook.com/profi Ie. ph p ?id =29445421 ***

Group IDs follow a similar pattern, but the string to look for is "gid". The group 10

of the following URL is 2204894392:

http://www.facebook.com/g ro u p.p hp?g id=2204894392

***Please note that our product continuously changes with new features. In 2009,

we launched "vanity URLs". Instead of a UID in the URL, a user may have a

unique "vanity name" to identify him/herself. Providing the vanity name will also

help identify the Facebook profile.

How to submit a request

Please contact our Security Department at [email protected] to inform

us that a request may be coming, this is especially important if you are interested

in a specific IP log(s) and wish to preserve the account.

Requests may be faxed to + 1 (650) 644-3229, sent via e-mail to

[email protected] OR mailed to:

Facebook, Inc.

Attn: Security Department/Custodian of Records

1601 S. California Avenue

Palo Alto, CA 94304

U.S.A.

In order to help assist us in identifying the requesting agency and the Facebook

profile(s) of interest, please provide the following:

1. Your contact information:

The following contact information is reguired for every request:

· Requesting Agency Name

· Requesting Individual (RI)

· RI Employer-Issued E-mail Address***

· RI Phone Contact, including the extension

· RI Mailing Address (P.O. Box will not be accepted)

· Response Due Oate (Please allow at least 2 - 4 weeks for processing)

***Most of our communication is processed via e-maiL. In addition, if permissible,

the returned data is also sent via e-maiL. You will receive a case number upon

V0909.2.AA

LAW ENFORCEMENT USE ONLY

page 4 of 11

FACEBOOK CONFIDENTIAL AND PROPRffTARY

receipt of an e-mail and/or data. Please always include the case number in any

future correspondence.

2. Facebook User Information:

Please have as much of the following information as possible available, in order

to enable us to identify the proper accounts. Facebook user IDs are preferred.

· Facebook User ID/Graup IDlVanity URL

· User's Full name

· Full URL to Facebook profile

· School/Networks

· Date of Birth

· All known e-mail address(s)

· All known phone number(s)

· Full address

· Period of activity (specific information and date(s) of interest may expedite

your request)

Note Regarding Disabling Account: Pursuant to its terms of use, Facebook will

disable an account if the account is in violation of said terms. If disabling or

restricting user access to the user's profile will jeopardize your current

investigation, you must clearly specify "DO NOT DISABLE UNTIL XX/XX/XXXX"

on all requests submitted to Facebook. If permitted, a further description of the

investigation is also requested.

Facebook generally returns data via e-mail, however if the volume of returned

data is larger than a few megabytes, Facebook wil respond via read only media

(COram or DVDrom). Responses will be in POF or text formats.

Facebook reserves the right to charge reasonable fees, where

permissible, to cover our costs in replying to user data requests.

Preservation of Records

Pending the issuance of your legal document (i.e. subpoena, search warrant),

Facebook will preserve information in accordance with 18 U.S.C. § 2703(f) but

will not produce data until a valid legal request is received. Information required

for Preservation Requests are described as above, and may be submitted by fax,

mail, or e-mailed.

V0909.2.AA

LAW ENFORCEMENT USE ONLY

page 5 of 11

FACEBOOK CONFIDENTIAL AND PROPRffTARY

Please note that Facebook will preserve information for 90 days, however based

on the necessity for the case in question, an extension can be made.

Description of available data

User Basic Subscriber Information (BSI)

BSI is the basic information of a given user profile. It may include the following,

depending on the availability at the time of processing your request:

· User Identification Number

· E-mail address

· Date and Time Stamp of account creation date displayed in GMT

· Most Recent Logins (generally captures the last 2-3 days of logs prior to

processing the request) in GMT

· Registered Mobile Number

· Verification on whether publicly viewable

BSI is delivered in XML format.

User Neoprint

The Neoprint is an expanded view of a given user profile. A request should

specify that they are requesting a "Neoprint of user 10 XXXXXX"

The Neoprint may contain the following elements:

· Profile Contact Information

· Mini-Feed

· Status Update History

· Shares

· Notes

· Wall Postings

· Friend Listing, with Friends Facebook 10's

· Groups Listing, with Facebook Group ID's

· Future and Past Events

· Video Listing, with fiename

If a profie is changed or updated, deleted content is not retained, and cannot be

produced. Any messages deleted by the user are not retained and cannot be

produced. Wall postings deleted by the user may not be retained and may not be

produced.

Neoprints are delivered in PDF format.

V0909.2.AA

LAW ENFORCEMENT USE ONLY

page 6 of 11

FACEBOOK CONFIDENTIAL AND PROPRffTARY

User Photoprint

The Photoprint is a compilation of all photos uploaded by the user that have not

been deleted, along with all photos uploaded by any user which have the

requested user tagged in them. A request should specify that they are requesting

a "Photoprint of user 10 XXXXXX". Deleted photos are not retained.

Photoprints are delivered in PDF format.

Group Contact Info

Where a group is known, we generally provide the creator BSI and/or

administrator BSI. We will also provide a PDF of the current status of the group

profile page. A request should specify that they are requesting "Contact

information for group 10 XXXXXX". No historical data is retained.

Group contact info is delivered as a PDF format.

Private Messages

Private Messages are saved based on user discretion, if the user has deleted

any messages at any point during their activity, Facebook does not keep records

of those messages.

Private messages info is delivered as a POF format.

IP Logs

The system described in our previous Law Enforcement Guidelines regarding the

IP logs data is no longer functionaL. We now have a limited capacity of retrieving

specific logs and are technically limited in providing "everything" within a

requested date range. We are unable to testify to the completeness of the data.

Requests for specific log(s) of interest are now required in order to individually

extract them from a separate tool. The IP logs contain content and will be

subjected accordingly to ECPA.

IP logs can be produced for a given user 10 or IP address. A request should

specify that they are requesting the "IP log of user 10 XXX

XXX" or "IP log of IP

Address xxx.

xxx.

xxx. xxx"

The log contains the following information:

V0909.2.AA

LAW ENFORCEMENT USE ONLY

page 7 of 11

FACEBOOK CONFIDENTIAL AND PROPRffTARY

· (Column One) Script - Script executed. For instance, a profile view of the

uri ''http://www.facebook.com/profile.php?id=29445421'' would populate

script with "profile.php"

· (Column Two) Scriptget - Additional information passed to the script. in

the above example, scriptget would contain "id=29445421"

· (Column Three) Userid - The Facebook user 10 of the account active for

the request

· (Column Four) Viewtime - Oate of execution, in PACIFIC TIME ZONE.

· (Column Five)IP - Source IP address

IP Logs are delivered as a tab delimited text file.

All of the above-described data is continuously under major development.

Therefore, the data may be retained for a longer or short period and may be

produced in one or more files.

Emergency Disclosures

Facebook will provide data pursuant to Title 18 U.S.C. §2702(b)(6)(C) and §

2702 (c)(4) if Facebook believes in good faith that serious bodily harm or death of

a person may occur. An Emergency Oisclosure Form is provided in the

Guidelines and may only be submitted by

a law enforcement agent.

E-mail the Emergency Disclosure Form to [email protected] and include

"Emergency Request" in the subject heading. Facebook will respond within 24

hours to true emergency requests.

User Consent

Facebook will provide data pursuant to the voluntary consent of the user (see

Title 18 U.S.C. §2702 (b)(3) and § 2702 (c)(2)). A template of a consent letter is

provided in the Guidelines. Authentication of the true identity of the user must be

provided along with the consent letter. For example, a notarized consent letter

will be accepted.

International Requests

Oue to the growing popularity of Facebook internationally, we recognize the

needs of international Law Enforcement. Please send requests in accordance

with our guidelines to [email protected].

V0909.2.AA

LAW ENFORCEMENT USE ONLY

page 8 of 11

FACEBOOK CONFIDENTIAL AND PROPRffTARY

Special Requests

The Facebook Security Team may be able to retrieve specific information not

addressed in the general categories above. Please contact Facebook if you have

a specific investigative need prior to issuing a subpoena or warrant.

V0909.2.AA

LAW ENFORCEMENT USE ONLY

page 9 of 11

FACEBOOK CONFIDENTIAL AND PROPRffTARY

EMERGENCY DISCLOSURE FORM

Pursuant to 18 U.S.c. § 2702 (b) (7) and § 2702 (c) and the Facebook privacy policy,

Facebook may exercise its discretion in providing relevant data after reviewing the

provided information below. Please provide as much information in order to enable the

Security team to conduct an appropriate search.

1. Describe the nature of the emergency (i.e. potential bodily har, crime being

committed):

2. Provide the identification of all users involved (Facebook user profie name, ID

number and Date of Birth):

3. Provide the exact location(s) of

the evidence related to the described emergency:

, attest that the above-mentioned facts are true and

Printed Name of authorized Officer

accurate to the best of my knowledge.

Signature and Badge #

Date

V0909.2.AA

LAW ENFORCEMENT USE ONLY

page 10 of 11

FACEBOOK CONFIDENTIAL AND PROPRffTARY

(SAMPLE)

Consent to Release Private Facebook Information

I, (LEGAL NAME), am an account holder with Facebook, Inc. My account name is

(FACEBOOK USERNAME) and my login email address is: . I do

hereby voluntarly authorize Facebook to release the reasonably available data as check-

marked below, from my Facebook account profile for the period of (mmdd/yyyy to

mmldd/yyyy) or 2 years from present date.

I hereby indemnify Facebook, Inc. against all claims for damages, compensation and/or

costs in respect to damage or loss to a third pary caused by, or arsing out of, or being

incidental to release of my data.

My data should be released to:

(CONTACT NAME, PHONE NUMBER, FAX NUMBER, ADDRESS and E-MAIL

ADDRESS)

D Profile

D Status Updates

D Notes

D Mini-feed

D Shares

D Wallposts

D Deleted Wallposts

D Old (over 180 days) Wallposts

D Friends List

D Deleted Friends List (deleted by user)

D Groups

D Events

D Videos

D Recent IP Address Logins

D Applications

D Facebook Message Box

D Photos

Affiant's Signature

Date

Notary Public/Individual Duly Authorized to Administer Oath:

V0909.2.AA

LAW ENFORCEMENT USE ONLY

page 11 of 11