Documents show IRS reads emails without a warrant thanks to outdated law

10 Apr, 2013 23:25 / Updated 12 years ago

New information received by the ACLU regarding the Internal Revenue Service after a Freedom of Information Act request filed last year indicates that the agency does not feel it is necessary to obtain a warrant before reading Americans' emails.

The ACLU sought to obtain disclosure from the IRS about the practices of its Criminal Tax Division, which, as its name implies, essentially oversees the initiation of criminal and civil litigation on tax-related charges.

Though the IRS complied within a reasonable amount of time, divulging 247 pages of documentation in response to the ACLU’s FOIA request, the civil rights group says it avoided directly answering whether it considers warrants necessary before reading private email communications. The agency did, however, essentially disclose that it did not think Internet users had “any privacy expectations” when using email. A 2009 IRS Search Warrant Handbook stated as much:

The Fourth Amendment does not protect communications held in electronic storage, such as email messages stored on a server, because internet users do not have a reasonable expectation of privacy in such communications.”

The ACLU also received a 2010 a presentation given by the IRS Office of Chief Counsel which stated that the 4th Amendment does not protect emails stored on a server and as such there is “no privacy expectation.”

Beyond broad concerns for the privacy of individuals using email, the ACLU is basing its questions and the original FOIA request to the IRS on a 2010 ruling by the Sixth Circuit Court of Appeals in United States v. Warshak, in which evidence collected from 27,000 emails by the government to support charges of mail, wire and bank fraud against several individuals was found to violate the Fourth Amendment.

Up until that ruling, government agencies relied on the strength of the Stored Communications Act (SCA), which allows “a ‘governmental entity’ to compel a service provider to disclose the contents of [electronic] communications in certain circumstances.”

As far as the ACLU is concerned, the Electronic Communications Privacy Act (ECPA) of 1986, of which SCA is only one part, is “hopelessly outdated” and still allows content stored by an email provider that is older than 180 days to be reviewed by the government without a warrant.

Based on information given to the civil rights group, it is now making the case that IRS policy has not changed at all since United States v. Warshak, basing that determination on examples such as the current IRS Manual, which indeed states that no warrant is required for emails stored by an ISP for over 180 days.

Some lawmakers agree with the ACLU that the Fourth Amendment supersedes any interpreted access to email communications granted by the ECPA. It is very likely that at the time the legislation was written, considering the very minor role of electronic mail for most Americans, that it was simply not granted much attention.

According to The Hill, Congress is currently working on new laws to update the ECPA, with a view to enacting standards that will require obtaining warrants before accessing private online communications, including email.

In addition to the IRS, the ACLU has also submitted requests from the FBI and the US Justice Department regarding their own agency policy on email searches, though these are still pending.