ACLU: IRS docs on warrantless email search show why we need reform

Josh Peterson Tech Editor
Font Size:

Recently revealed IRS documents suggesting the agency’s criminal division engages in warrantless email surveillance show that the country’s 27-year-old privacy law need to be updated, says the American Civil Liberties Union.

The Electronic Communications Privacy Act (ECPA) — first passed in 1986 — originally defined what federal agents could and could not do in order to access electronic communications necessary for an investigation.

The ACLU  is part of a broad, bipartisan coalition of conservative and progressive advocacy groups, businesses, think tanks and politicians supporting reform of the law in order to strengthen Fourth Amendment rights.

Digital 4th, the lobbying arm of the coalition, consists of the ACLU, Heritage Action for America, Americans for Tax Reform and the Center for Democracy & Technology. Digital 4th has launched a petition on its website reading in part, “Government officials should be required to get a warrant to access access my private online documents and communications, like emails and text messages, just like they would for paper documents stored in my home.  It is time for Congress to update ECPA.”

The coalition argues that the 1986 law was designed for now-outdated technologies. Now ECPA is being applied to an environment where massive amounts of electronic information — which includes emails, text messages, instant messages and even location information — are collected and stored online.

Under ECPA, law enforcement is required to obtain a warrant in order to access emails that have been stored on an email provider’s server for less than 180 days.

Nathan Wessler, Staff Attorney for the ACLU Speech, Privacy & Technology Project, recently told The Daily Caller that the push for requiring law enforcement to obtain a warrant for private electronic communications and location information — regardless of the age of the message — cut across ideological boundaries.

“One thing that these IRS documents show is that law enforcement agencies are likely to continue using as many investigative methods as they can until either a court or Congress steps in and clearly defines the lines of what’s legal and not,” said Wessler.

“Because our electronic communications can include some of the most very private things about us — religious affiliations, political views, and medical information and romantic interests — it looks like we can’t just trust the agencies to restrain themselves,” Wessler continued.

“We really need Congress and the courts to come in and set the boundaries,” he said.

Wessler acknowledged, however, that a lower legal standard should be applied in cases of imminent threat or a national security emergency.

“If its truly an exigent circumstance, then everybody agrees that there’s a limited exception, and they can try to protect life at risk or somebody that’s about to be a victim of a crime,” he said.

Internal emails obtained from within the agency’s criminal division through a Freedom of Information Act (FOIA) request by the ACLU seem to indicate the IRS’ criminal division believes its employees can can read emails without first obtaining a search warrant.

The IRS denied the allegations, stating, “Contrary to some suggestions, the IRS does not use emails to target taxpayers.”

“Any suggestion to the contrary is wrong,” it said.

In 2010, the Sixth Circuit Court of Appeals decided in United States v Warshak that law enforcement must obtain a probable cause warrant “before compelling email providers to turn over messages.”

The ACLU argued that the IRS documents revealed that not only does the agency’s criminal division not always follow Sixth Circuit Court’s ruling, but the agency does not believe that the Fourth Amendment applies to emails.

Prior to the Warshak decision, “a presentation by the IRS Office of Chief Counsel asserts that the “4th Amendment Does Not Protect Emails Stored on Server” and there is “No Privacy Expectation” in those emails,” said Wessler in a blog post accompanying the documents.

The documents, he said, also “corroborate that the IRS did not get warrants across the board.”

Following the Warshak decision, internal IRS criminal division emails about how to deal with the change in the law discuss the ECPA standard, but make no mention of what the tax collector’s policy is toward emails on a provider’s servers older than 180 days.

For example, when asked in January 2011 by a colleague about whether there was any fallout from the Warshak decision, Martin Needle — Special Counsel for the Criminal Tax division — replied, “I have not heard anything related to this opinion.”

“We have always taken a position that a warrant is necessary when retrieving e-mails that are less than 180 days old,” Needle wrote in a 2011 email.

While the documents obtained from the agency do not directly address whether the IRS always gets a warrant during its investigations of private emails, Wessler said that “they suggest otherwise.”

Even the current version of the Internal Revenue Manual, Wessler argued, which is the IRS’ official internal operations manual, does not show any change to the agency’s surveillance policy since 2010.

“It really is pretty shocking that in 2013 we still don’t know what the standards are that federal law enforcement agencies are using when they read our most private communications via email and other means, so it’s important that they tell us what they’re doing,” Wessler told The Daily Caller.

Follow Josh on Twitter