The IRS bought smartphone location data to hunt down fraud suspects

Multiple government organizations have been purchasing location data from aggregator Venntel. That might be unconstitutional.

Facial recognition and search and surveillance of a person in the modern digital age, the concept. Y...

The United States’ Internal Revenue Service (IRS) is being investigated for obtaining and utilizing smartphone location-tracking data, according to a letter obtained by Motherboard. The investigation was opened after Senators Elizabeth Warren and Ron Wyden called attention to the IRS’ tracking schemes last month.

The new letter was written by Inspector General J. Russel George of the U.S. Treasury. He writes that his office will be conducting a full investigation into the location-tracking practices of the IRS, which would likely be considered unconstitutional given the lack of any warrant obtained by the IRS.

Though the case focuses on just one organization’s practices, it could easily set much-needed precedents for the way consumer tracking data is used writ large. The best-case scenario, really, would be for the case to shine a spotlight on the lack of user privacy around salable location data — hopefully changing policy around that data moving forward.

Wait, how are they even tracking us? — The IRS told the office of Senator Wyden that the organization had purchased a diverse array of location data from a company called Venntel. This data was collected from a variety of smartphone apps.

Venntel is a D.C.-based company that claims a mission of supporting “common interests through technological innovation, data reliability, and proven results.” The company’s specialty, though, is aggregating data from various apps and selling that data to clients like the Department of Homeland Security, the IRS, and the FBI, just to name a few. Customs and Border Patrol paid nearly half a million dollars to Venntel for location data this year.

The IRS purchased location data in the hope of tracking down those accused of crimes like tax fraud and money laundering. The data was specifically purchased with the intention of tracking suspects between 2017 and 2018 — and it didn’t even help the agency locate any of them, so it let the Venntel subscription lapse.

We need more regulation — There is no way for users to track whether or not their location data has been aggregated or sold by companies like Venntel. The vast majority of people using smartphone apps have no clue where that data is going.

This is an ongoing privacy issue that will only continue to get worse until substantial regulation reform has been made. So many government organizations are using location data that users don’t even know is available to them — and, quite often, this data is being retrieved without specific warrants.

As it stands, it’s much too easy for companies and government entities to retrieve user-tracking data without the user ever knowing about it. The government is well aware that this is a huge threat to user privacy — there’s already another probe, led by the House Democrats, into Venntel’s general business activities.

If you’re the optimistic sort, these cases could be the perfect groundwork for the kind of modern regulation we’re so sorely in need of. Or it might just go nowhere, leaving the government to track our every movement at their whim.