Documents show IRS reads emails without a warrant thanks to outdated law
New information received by the ACLU regarding the Internal Revenue Service after a Freedom of Information Act request filed last year indicates that the agency does not feel it is necessary to obtain a warrant before reading Americans' emails.
The ACLU sought to obtain disclosure from the IRS about the
practices of its Criminal Tax Division, which, as its name implies,
essentially oversees the initiation of criminal and civil
litigation on tax-related charges.
Though the IRS complied within a reasonable amount of time,
divulging 247 pages of documentation in response to the ACLU’s FOIA
request, the civil rights group says it avoided directly answering
whether it considers warrants necessary before reading private
email communications. The agency did, however, essentially disclose
that it did not think Internet users had “any privacy
expectations” when using email. A 2009 IRS Search Warrant
Handbook stated as much:
“The Fourth Amendment does not protect communications held in
electronic storage, such as email messages stored on a server,
because internet users do not have a reasonable expectation of
privacy in such communications.”
The ACLU also received a 2010 a presentation given by the IRS
Office of Chief Counsel which stated that the 4th Amendment does
not protect emails stored on a server and as such there is “no
privacy expectation.”
Beyond broad concerns for the privacy of individuals using email,
the ACLU is basing its questions and the original FOIA request to
the IRS on a 2010 ruling by the Sixth Circuit Court of Appeals in
United States v. Warshak, in which evidence collected from 27,000
emails by the government to support charges of mail, wire and bank
fraud against several individuals was found to violate the Fourth
Amendment.
Up until that ruling, government agencies relied on the strength of
the Stored Communications Act (SCA), which allows “a
‘governmental entity’ to compel a service provider to disclose the
contents of [electronic] communications in certain
circumstances.”
As far as the ACLU is concerned, the Electronic Communications
Privacy Act (ECPA) of 1986, of which SCA is only one part, is
“hopelessly outdated” and still allows content stored by an
email provider that is older than 180 days to be reviewed by the
government without a warrant.
Based on information given to the civil rights group, it is now
making the case that IRS policy has not changed at all since United
States v. Warshak, basing that determination on examples such as
the current IRS Manual, which indeed states that no warrant is
required for emails stored by an ISP for over 180 days.
Some lawmakers agree with the ACLU that the Fourth Amendment
supersedes any interpreted access to email communications granted
by the ECPA. It is very likely that at the time the legislation was
written, considering the very minor role of electronic mail for
most Americans, that it was simply not granted much attention.
According to The Hill, Congress is currently working on new laws to
update the ECPA, with a view to enacting standards that will
require obtaining warrants before accessing private online
communications, including email.
In addition to the IRS, the ACLU has also submitted requests from
the FBI and the US Justice Department regarding their own agency
policy on email searches, though these are still pending.