The Internal Revenue Service’s latest response in its ongoing privacy lawsuit with James Harper is in, and it seems the U.S. government tax agency is determined to miss the point, according to the defendant’s attorney.
The Department of Justice, representing the IRS, has responded to pushback on its motion to dismiss the ongoing James Harper v. Charles P. Rettig, et al. lawsuit over allegations by Harper that the IRS violated his constitutional rights.
Harper’s case may have widespread implications for privacy laws regarding cryptocurrency users if he wins.
Harper filed a lawsuit against the IRS in 2020 over the governmental body’s alleged overreach in requesting vast amounts of records from the popular exchange Coinbase based on nothing more than users’ volume of cryptocurrency use, according to the plaintiff. The end result was the IRS sending 10,000 letters to crypto holders, warning they may not have paid taxes properly even if, as Harper alleges, they did.
The DOJ initially filed a motion to dismiss the case in December. Harper’s team responded with a motion objecting to that dismissal, which was filed in mid-January. On Monday, the DOJ filed its latest response to that objection, re-emphasizing that Harper’s lawsuit should not be subject to judicial review.
“They are 100% committed to the idea that I’m supposed to raise this issue by filing for a refund on taxes that I voluntarily paid and that I don’t dispute owing,” said Harper in reaction to the filing.
The latest legal filing by the DOJ states that “plaintiff’s remedy here is the same as the remedy available in Florida Bankers Association: if the IRS contends Plaintiff owes a tax, Plaintiff can challenge the [IRS’] actions prior to assessment in Tax Court or, after assessment, through a refund proceeding.”
“If IRS agents broke into my home and rifled my papers, finding that I had no more tax liability, should I file a claim for a refund to address that conduct?” said Harper in a comment shared by his attorneys.
The DOJ declined to comment because the legal case is ongoing.
The case to this point
In August 2019 James Harper received a letter from the IRS. So did 10,000 other people. The letter informed him the agency had obtained his financial records related to owning bitcoin. The IRS said the letter was “educational” and that the receivers had “potentially failed to report income and pay the resulting tax from virtual currency transactions or did not report their transactions properly,” according to an IRS statement at the time.
“Taxpayers should take these letters very seriously by reviewing their tax filings and, when appropriate, amend past returns and pay back taxes, interest and penalties,” said IRS Commissioner Chuck Rettig. “The IRS is expanding our efforts involving virtual currency, including increased use of data analytics. We are focused on enforcing the law and helping taxpayers fully understand and meet their obligations.”
At the time, the move caused an uproar among confused recipients who believed they had complied with all of their tax obligations and was seen as the IRS coming out swinging against crypto holders.
Harper had held his cryptocurrencies at three exchanges: Coinbase, Abra and Uphold. According to Caleb Kruckenberg, litigation counsel at the New Civil Liberties Alliance, which is representing Harper, when he filed the lawsuit in 2020 the legal team received an affidavit from one exchange that it had not disclosed any information to the IRS. At that point, said Kruckenberg, it was down to two and Coinbase was the only one that had been subpoenaed by the IRS.
“We know [Coinbase] got a subpoena from the IRS, which they partially challenged, that dealt with records of owners of bitcoin and they disclosed a lot of information after that,” said Kruckenberg in a phone call. “So that’s likely where [the IRS] got the information.”
IRS data grab?
Kruckenberg said the Coinbase subpoena set wide parameters around the information the IRS was requesting.
“The Coinbase subpoena initially was for every person who used digital currencies, which is Coinbase’s entire customer base,” said Kruckenberg. “There was just a blanket assertion from the IRS that anyone who uses digital currencies was suspicious.”
In an email to CoinDesk, Harper, who is a visiting fellow at the American Enterprise Institute, said he was aware of the IRS’ summons to Coinbase at the time, given it affected two areas he cares about – cryptocurrency and privacy. He actually helped put together a friend of the court brief in the case arguing the summons was invalid. When Coinbase settled, saying it was going to notify the affected customers, he turned to other matters.
At the time he didn’t realize he, in fact, fell within the summons as to transactions of $20,000 or more. While he hadn’t executed a transaction on that level, he had aggregate transactions reaching that threshold. He said he didn’t receive a notice from Coinbase, but recognized it’s possible notice was sent and he ignored or deleted it mistakenly, or that it was auto-filtered to a spam folder.
“So when I got the IRS letter, I was truly surprised and I thought, ‘Okay. This isn’t over,’” he said.
In July 2020, he filed suit against IRS Commissioner Charles P. Rettig in the U.S. District Court for the District of New Hampshire, claiming his records were obtained without a valid subpoena, court order or judicial warrant based on probable cause. In doing so, the lawsuit alleges, the IRS violated his Fourth Amendment rights (which protect against unreasonable search and seizure) “by issuing an informal demand for Mr. Harper’s financial records from a third party even though it lacked any particularized suspicion that he had violated any law,” according to a summary of the case.
The suit also alleges the IRS violated the Due Process Clause of the Fifth Amendment of the U.S. Constitution by “seizing Mr. Harper’s private financial information from the third-party virtual currency exchange(s) without first providing him with notice and an opportunity to challenge the seizure of his property.”
If successful, the case could change third-party doctrine in the U.S. and change the playing field for exchanges and crypto holders,
What is the third-party doctrine?
The third-party doctrine is a key part of constitutional privacy law (or lack thereof) in the U.S., articulated through two Supreme Court cases in the 1970s.
Essentially, in those cases the high court found that if you provide information to a third party, that doesn’t prevent the government from accessing it without a warrant. In the 1970s, these rulings were applied to license plate registrations, phone records and bank records. Eventually, the doctrine would come to encompass information given to Internet Service Providers (ISPs) and emails, with users having “no reasonable expectation of privacy.” But technology has come to permeate all aspects of these records and our lives.
“What happens as society and technology develop to a point where we have no real choice but to give third parties our data in order to live and conduct our affairs?” asked Steven Blickensderfer, a technology and privacy lawyer at the firm Carlton Fields in an email. Blickensderfer reviewed the case but is not involved in it.
The most recent big change to the third-party doctrine occurred in 2018 with Carpenter v. United States, in which the court limited the third-party doctrine’s application by requiring a warrant for police to access personal data like cell site location information from a cell phone company, which is generated by your phone as it constantly communicates with various cell towers.
“That was a win for privacy fans to the extent it placed limits on the third-party doctrine with respect to intimate tracking data generated by smartphones,” said Blickensderfer.
Harper said because he’s active in this area of policy, he knows the law is bad.
“The ‘third-party doctrine’ says that people who have shared personal information with a service provider like Coinbase no longer have a Fourth Amendment interest in the information,” he said. “The third-party doctrine is the death knell of privacy because of the way we use network technology today in every aspect of our lives. Either the third-party doctrine or privacy is going to go away. I hope this case tees up reconsideration of the third-party doctrine in the Supreme Court.”
Harper said that any victory could help.
One of his stated goals is to get a court to recognize that the “John Doe” summons violates due process. Such a summons is executed by the IRS but does not list the name of the taxpayers under investigation because the IRS does not know who they are.
“When the John Doe summons came into existence decades ago it was costly to notify people that their information is being handed over to the IRS,” said Harper. “With today’s technology, it’s easy to notify people before their information is handed over. The balance is different. Advance notice should be required because it’s easy and cheap, and the interest in protecting private financial information has only grown.”
Blickensderfer said the case was notable for the impact it could have on third-party doctrine. The question in this case is whether and how a court will apply that doctrine and the narrowing of it seen in Carpenter to users of cryptocurrencies.
“Do users have a legitimate expectation of privacy in the information they provide to third-party exchanges and wallets in order to obtain and manage their digital assets?” he said. “For some, if not most, privacy is the main reason for using cryptocurrencies, and the answer is clear. But it should not be assumed that this court will agree.”
For his part, Harper said they should.
The impact on crypto privacy could be far-reaching
In response to yesterday’s filing, Kruckenberg said the IRS’ position here is clear cut.
“Heads I win,” he said in an email the evening of the filing. “Tails you lose.”
The Anti-Injunction Act, which the DOJ raised as a way to restrict a federal court’s authority to issue an injunction against ongoing state court proceedings, is a limited prohibition on challenging suits for the assessment of taxes.
But Kruckenberg said the plantiff is suing the IRS in federal court, not state.
“The IRS is trying to extend it to make it to where no one can ever challenge the IRS’ unconstitutional behavior even if it doesn’t relate to the assessment of taxes,” said Kruckenburg.
“This case has never been about how much tax Jim might owe to the IRS. It’s only about how the IRS violated his constitutional and statutory rights. If the IRS were correct, then no one could ever sue the IRS for any constitutional violation, no matter how outrageous, as long as the IRS didn’t then use the violation to calculate tax burdens. That’s simply not the law.”
Read more: California’s Prop. 24 Could Be a ‘Silver Lining’ for Crypto Exchanges Looking to Comply With GDPR
According to Blickensderfer, considering the IRS sent out more than 10,000 of these letters, this case has the potential to have a real and meaningful impact on every owner of a cryptocurrency, just as Carpenter impacted everyone with a smartphone – even if they didn’t know it. It also has the potential to impact the evolution of the third-party doctrine itself.
“Like in data breach cases, the complaint also takes aim at certain promises made by third parties in their privacy policies and terms of service,” he said. “As such, third parties in the space should also pay close attention to this case, to the extent it helps inform their online contracts and subpoena-request processes.”
Blickensderfer said the IRS raised a few procedural and jurisdictional arguments, which, if the court agrees, means there is a possibility that it never reaches the constitutional issues. The filing today shows that may well be the path the DOJ is taking.
“In which case it is only a matter of time before another case raises this issue,” he said.
Reflecting this notion, Kruckenber said that ultimately, the IRS’ effort to dismiss the case is an attempt to keep it from moving forward with the real issues about the data collection.
“I think it speaks volumes that the IRS is trying so hard to keep the court from even considering the merits of what it’s been up to, rather than defending the legality of its data collection,” he said. “Ultimately, it has no defense for its unconstitutional behavior.”