Granted, few of us remember the lesson of Al Capone.  When the G-men couldn’t get him, the IRS could. While we pay a great deal of attention to some alphabet agencies who tend to spend much of their time walking about with guns, we think of the IRS more as accountants in basement offices making our lives miserable by compelling us to give up our hard-earned income so that Congress can squander it their way.

But the IRS has its own law enforcement arm, and they can be just as intrusive as anyone else.  Via Hillicon Valley :

The Internal Revenue Service (IRS) has claimed that agents do not need warrants to read people’s emails, text messages and other private electronic communications, according to internal agency documents.

In a 2009 handbook, the IRS said the Fourth Amendment does not protect emails because Internet users “do not have a reasonable expectation of privacy in such communications.” A 2010 presentation by the IRS Office of General Counsel reiterated the policy.

The ACLU FOIL’d the Internal Revenue Service to find out what they were up to, and, surprisingly, got a response.

The IRS has now responded by sending us 247 pages of records describing the policies and practices of its criminal investigative arm when seeking the contents of emails and other electronic communications.

Kind as it was for the IRS to disclose its policies and practices, it turns out that our privacy isn’t their first concern.  If you’ve followed the discussion about the Electronic Communications Privacy Act (ECPA), particularly in conjunction with the Third Party Doctrine, the IRS’s position won’t come as too much of a shock.

Notably, the IRS is aware of the one decision that holds that warrants are required for emails even though they’re in the hands of third parties.

Luckily, the Fourth Amendment still protects against unreasonable searches by the government. Accordingly, in 2010 the Sixth Circuit Court of Appeals decided in United States v. Warshak that the government must obtain a probable cause warrant before compelling email providers to turn over messages.

Unfortunately, they are also aware of geography and jurisdictional limits.

However, the IRS hasn’t told the public whether it is following Warshak everywhere in the country, or only within the Sixth Circuit.

While the efforts of the ACLU and others to “fix” the ECPA so that the irrational distinction drawn between emails that have been opened or held on a third party server for 180 days or more, which require no warrant to read, are appreciated, I have serious doubts that an ad hoc legislative fix, if one is even coming, has any real potential to protect us from the prying eyes of the IRS, or any other government agency.

Should Congress suddenly grow a pair serious concern for the rights of citizens’ privacy, at the expensive of quick and dirty law enforcement, it both removes the issue from the table of the courts establishing the parameters of our constitutional rights in a digital world.  And what Congress gives, it can take away.  Even if they amend the ECPA to require a warrant, it’s merely a vote away from disappearing if it’s not of constitutional proportions.

The core question is whether the Third Party Doctrine that undermines Fourth Amendment rights should withstand constitutional scrutiny in a digital world.  Few of us give much thought to the fact that essentially everything we do finds its way online, and everyone online finds its way onto someone else’s server. 

Think about all those “cloud based solutions” that are all the rage, and sit in machines that other people own.  They may be safe from fire and hackers, but they are putty in the hands of the government. Every time we give up our personal or confidential information to someone else to hold, we give up our right to privacy from governmental intrusion with it.  Not too many think about it that way, but that’s how the doctrine works.

As  Justice Sotomayor recognized in her concurrence in United State v. Jones, the time is coming to reconsider whether the Third Party Doctrine spells the death of privacy in the digital age. 

More fundamentally, it may be necessary to reconsider the premise that an individual has no reasonable expectation of privacy in information voluntarily disclosed to third parties. E.g., Smith, 442 U. S., at 742; United States v. Miller, 425 U. S. 435, 443 (1976). This approach is ill suited to the digital age, in which people reveal a great deal of information about themselves to third parties in the course of carrying out mundane tasks. People disclose the phone numbers that they dial or text to their cellular providers; the URLs that they visit and the e-mail addresses with which they correspond to their Internet service providers; and the books, groceries, and medications they purchase to online retailers. Perhaps, as JUSTICE ALITO notes, some people may find the “tradeoff” of privacy for convenience “worthwhile,” or come to accept this “diminution of privacy” as “inevitable,” post, at 10, and perhaps not. I for one doubt that people would accept without complaint the warrantless disclosure to the Government of a list of every Web site they had visited in the last week, or month, or year. But whatever the societal expectations, they can attain constitutionally protected status only if our Fourth Amendment jurisprudence ceases to treat secrecy as a prerequisite for privacy. I would not assume that all information voluntarily disclosed to some member of the public for a limited purpose is, for that reason alone, disentitled to Fourth Amendment protection.

Protip for Justice Sotomayor: Expect to be audited this year. Just sayin’.

H/T Rick Horowitz