NetLingo Blog: Let's Talk Tech

A new ACLU report claims the IRS has been accessing emails without a warrant. According to Keith Wagstaff, you might want to reconsider that email to your accountant with the subject line "Hey, thanks for helping me commit tax fraud!" According to the ACLU, the IRS could be reading your emails — even if they don't have a warrant.

The ACLU studied documents released by the Freedom of Information Act and found that, despite the Fourth Amendment's prohibitions against unreasonable searches and seizures, it has been IRS policy "to read people's email without getting a warrant."

Doing so wasn't always illegal because of the Electronic Communications Privacy Act (ECPA), which says that email that has been stored on a provider's server for more than 180 days can be accessed without a warrant. But that should have changed in 2010 when, after hearing United States v. Warshak, the Sixth Circuit Court of Appeals found that "the government must obtain a probable cause warrant before compelling email providers to turn over messages."

The vital question is whether the IRS continued reading private emails without a warrant after that case was decided. The ACLU's report says that the IRS still tells its employees "that no warrant is required for emails that are stored by an ISP for more than 180 days."

So, is it time to start conducting all of your business via carrier pigeon?

Not if you use certain email services. Ryan Gallagher at Slate writes that "not all providers will play along if the IRS is still attempting to obtain emails without a warrant," noting that earlier this year "Google said that it is effectively ignoring the 180-days ECPA loophole by always requiring a search warrant from authorities seeking to obtain user content stored using its Gmail, Google Drive, or other services." Microsoft, Yahoo, and Facebook all told The Hill they adopted similar policies after 2010.

Still, that leaves a lot of people unprotected. CNET's Declan McCullagh points out that the ECPA "was adopted in the era of telephone modems, BBSs, and UUCP links, long before gigabytes of e-mail stored in the cloud was ever envisioned." That's why corporate America wants Washington to change the policy:

A phalanx of companies, including Amazon, Apple, AT&T, eBay, Google, Intel, Microsoft, and Twitter, as well as liberal, conservative, and libertarian advocacy groups, have asked Congress to update the 1986 Electronic Communications Privacy Act to make it clear that law enforcement needs warrants to access private communications and the locations of mobile devices. [CNET]

Until the law is changed, you will just have to, in the words of ACLU staff attorney Nathan Freed Wessler, "hope you never end up on the wrong end of an IRS criminal tax investigation." Good luck with that.