The Internal Revenue Service (IRS) has an oversight body, and according to Motherboard, that oversight body has launched a formal investigation into the IRS’s use of location data without a warrant. The investigation was kicked off after Senators Ron Wyden and Elizabeth Warren demanded that there be a formal investigation. The IRS revealed to Senator Wyden’s office in June that the tax agency had bought a set of location data from a data broker known as Venntel. Venntel gets location data from innocuous apps that send data back home, likely through an embedded SDK, and aggregates them for sale to private parties. According to Wyden’s office, the IRS admitted that the criminals they were hoping to locate using the Venntel data were not in the data set. Motherboard has additionally recently reported that U.S. Customs and Border Protection (CBP) has also purchased Venntel location data.
Smartphone user location data should be protected from the IRS and other agencies
Law enforcement has traditionally relied on the third party doctrine to get location data from telecommunications companies. However, since 2017, Carpenter v. United States has resulted in cell phone location records no longer being accessible under the third party doctrine. In response, law enforcement is now going to marketing and advertising companies that focus on aggregating personal information on internet users including and certainly not limited to location to get the desired location information on targets. The Inspector General wrote in a letter confirming the investigation to Senator Wyden’s office:
“You requested that TIGTA investigate CI’s use of commercial databases in the performance of its duties, and that TIGTA examine the legal analysis IRS lawyers performed to authorize this practice. Your concern is that CI’s use of the data described above may not be consistent with the holding of the Supreme Court in the case Carpenter v. United States.”
The oversight body promised to reveal the results of their investigation:
Even if the government is able to rein itself in and stop agencies from doing illegal things with readily available location data that is technically legally siphoned up from smartphone users’ phones, the fact that that data exists should give us pause. According to a recent survey , the vast majority of Americans believe that at least one app on their smartphone is spying on them. This newly launched investigation into the IRS highlights one of the bad things that can happen with such information being out in the wild.
“Upon compilation, to the extent allowable under the law, we will advise you of the results.”