IRS Could Search Warrantless Location Database Over 10,000 Times

The IRS was able to query a database of location data quietly harvested from ordinary smartphone apps over 10,000 times, according to a copy of the contract between IRS and the data provider obtained by Motherboard.

The document provides more insight into what exactly the IRS wanted to do with a tool purchased from Venntel, a government contractor that sells clients access to a database of smartphone movements. The Inspector General is currently investigating the IRS for using the data without a warrant to try to track the location of Americans.

"This contract makes clear that the IRS intended to use Venntel’s spying tool to identify specific smartphone users using data collected by apps and sold onwards to shady data brokers. The IRS would have needed a warrant to obtain this kind of sensitive information from AT&T or Google," Senator Ron Wyden told Motherboard in a statement after reviewing the contract.

Venntel sources its location data from gaming, weather, and other innocuous looking apps. An aide for the office of Senator Ron Wyden, whose office has been investigating the location data industry, previously told Motherboard that officials from Customs and Border Protection (CBP), which has also purchased Venntel products, said they believe Venntel also obtains location information from the real-time bidding that occurs when advertisers push their adverts into users' browsing sessions.

One of the new documents says Venntel sources the location information from its "advertising analytics network and other sources." Venntel is a subsidiary of advertising firm Gravy Analytics.

The data is "global," according to a document obtained from CBP.

Venntel then packages that data into a user interface and sells access to government agencies. A former Venntel worker previously told Motherboard that customers can use the product to search a specific area to see which devices were there, or follow a particular device across time. Venntel provides its own pseudonymous ID to each device, but the former worker said users could try to identify specific people.

The new documents say that the IRS' purchase of an annual Venntel subscription granted the agency 12,000 queries of the dataset per year.

"In support of Internal Revenue Service (IRS) Criminal Investigation's (CI) law enforcement investigative mission, the Cyber Crimes Unit (CCU) requires one (1) Venntel Mobile Intelligence web-based subscription," one of the documents reads.

"This allows tracing and pattern-of-life analysis on locations of interesting criminal investigations, allowing investigators to trace locations of mobile devices even if a target is using anonymizing technologies like a proxy server, which is common in cyber investigations," it adds.

In June, Wyden's office first found that IRS CI tried to use Venntel's tool to identify and track criminal suspects between 2017 and 2018. The attempt failed, The Wall Street Journal reported at the time. But the agency still used the granular location data without a warrant. After being asked to do so by Senator Elizabeth Warren and Wyden, the body tasked with oversight of the IRS said it was launching an investigation, and looking in particular at what legal basis the IRS followed to use the data. In 2018, the Supreme Court ruled in Carpenter v. United States that the collection of significant amounts of historical phone location data is considered a search under the Fourth Amendment, and so requires a warrant to obtain.

"I’m glad that the Inspector General agreed to our request to investigate this potential unconstitutional abuse of power by the IRS and its purchase of people’s mobile location history from a shady data broker, and potentially others, without a warrant. The IRS is not above the law, and we must ensure that people and their rights under the 4th Amendment are protected,” Warren told Motherboard in a statement.

CBP, for its part, has refused to tell Congress the legal argument it followed that allowed the agency to track Americans without a warrant.

"The only reason the IRS went to Venntel instead was to buy their way around the 4th Amendment. I’ll be introducing legislation in the next few weeks to close this loophole and ensure that Americans rights are protected," Wyden's statement added.

Neither the IRS or Venntel responded to a request for comment.