IRS Now Says It Has Lost Emails From Six More Accounts Tied To The Investigation Of Its Targeting Of Tax-Exempt Groups
from the evil-or-just-stupid? dept
The IRS recently blamed a “computer crash” for the disappearance of two years of email correspondence involving Lois Lerner, the IRS official at the center of the controversy surrounding the agency’s apparent targeting of certain non-profit groups (Tea Party, Occupy, open source).
Apparently, this computer crash also destroyed any backups of the email between Lerner’s office and outside government agencies, along with the hard copy backups IRS employees are required to maintain as part of its public records obligations. The latter part of that hasn’t been specifically denied, but it’s assumed no one’s rounding up email printouts at the moment. As is the new Standard Operating Procedure for Grandstanding, a Congressman has demanded the NSA hand over the metadata on the missing Lerner emails.
Now, it appears that Lois Lerner’s computer crash was only part of a much larger series of well-timed computer crashes.
The Internal Revenue Service says it can’t produce e-mails from six more employees involved in the targeting of conservative groups, according to two Republicans investigating the scandal.
The IRS recently informed Ways and Means chairman Dave Camp and subcommittee chairman Charles Boustany that computer crashes resulted in additional lost e-mails, including from Nikole Flax, the chief of staff to former IRS commissioner Steven Miller, who was fired in the wake of the targeting scandal.
The question is still: conspiracy or colossal screwup?
Certainly the fact that emails and accounts directly related to the investigation are missing data from the crucial 2009-2011 period does make it look like the agency’s hiding something. But the possibility that this is can be chalked up to regular government ineptitude is never too far away.
As was noted earlier (in the IRS’s own documentation no less), the agency uses Microsoft Outlook and Exchange, which would suggest that further backups exist, as does (again) the IRS’s own statements. John Hinderaker at Power Line quotes the IRS on its backup processes.
For disaster recovery purposes, the IRS does a daily back-up of its email servers. … Prior to May 2013, these backups were retained on tape for six months, and then for cost efficiency, the back-up tapes were released for re-use. In May of last year, the IRS changed its policy and began storing rather than recycling its backup tapes.
This means that older backups no longer exist, at least anything “taped over” prior to the change of policy. One wonders why the agency was allowed to recycle backups when much of what’s being backed up is subject to public records laws. But to make the situation even worse, the IRS greatly restricted the number of emails each employee could retain.
Currently, the average individual employee’s email box limit is 500 megabytes, which translates to approximately 6,000 emails. … Prior to July 2011, the limit was lower, 150 megabytes or roughly 1,800 emails.
As Hinderaker points out, someone in Lerner’s position could run through that allotment in just a few days, meaning she would most likely begin archiving them to her own computer, something that could actually destroy emails when it crashed.
But this doesn’t excuse the missing email, although it does help explain it. As the IRS’s own policies note, archiving email to local storage is not an adequate solution and does not comply with public records regulations. So, Lerner and the six others affected should have had hard copy printouts of every email that could possibly be considered a relevant public record. Apparently, they don’t and it’s highly unlikely that many IRS officials take this Luddic requirement seriously.
Even with this additional information, the coverup theory isn’t completely dispelled. One computer crash nuking vital emails is unfortunate. Six computers all taking out relevant email from a specific time period goes far past coincidental. The fact that the IRS hid this from the investigatory committee for months before finally “revealing” it on page 15 of a 27-page letter lends more credence to those who feel there’s been a concerted effort to keep information buried. It also should be noted that the IRS itself has not stepped up and explained how something like this could happen (other than saying “computer crash”). Anything pertaining to the IRS’s regrettable backup “solutions” and absurdly tiny email storage has been uncovered by the research of others. So, until the agency has anything further to add, the scale remains perfectly balanced between “malice” and “stupidity.”
Filed Under: congress, dave camp, destruction, emails, evidence, irs, lois lerner, records
Comments on “IRS Now Says It Has Lost Emails From Six More Accounts Tied To The Investigation Of Its Targeting Of Tax-Exempt Groups”
The investigation should treat all the destroyed/’lost’ emails just like destroyed evidence in a court case, that is assume that they contained incriminating evidence and act accordingly.
Re: Re:
What we’ve learned recently is that it’s generally impossible to imagine how bad the situation with the US government really is. So even if they assume the lost emails contained emails directly from Obama requesting the IRS to target his enemies list, the truth is likely worse.
Perhaps the emails came from the NSA and asked the IRS to target the people who were not vocal enough in their support and mentioned they had already caused their enemies to no longer be with us. (God I hope this is wrong.)
Without the emails, it’s really impossible to know how bad it is.
Re: Re:
I run a couple mail servers. We do nightly backups. But I can’t meet the “evidence in a court case” standard. Even without computer crashes.
– Deciding not to reuse tapes is all very nice, but at $80 a tape and no budget for constant replacements, it ain’t happening.
– Every once in a while a user’s copy of Outlook – or Outlook Connector – will decide to archive everything older than 90 days. And remove it from the email server. And store it in a hidden directory on the workstation where it’s not backed up. The email administrator is not informed in any way. And since we’re talking about email several years in the past here, that archive is gone when the workstation is upgraded.
– Every once in a while someone will buy a new phone or tablet, and the person selling it will set up their email on it. And they’ll inevitably use the default POP3 protocol rather than IMAP. And so before the customer leaves the store, their new device has downloaded all their email and REMOVED it from the server. Again, the email administrator is not informed in any way. And even if they were, restoring from the previous night’s backup is out of the question, since that would wipe out everyone else’s email activity since the backup.
– If a user IS using IMAP, and they delete an email the same day they send or receive it, it’s gone from the server before the nightly backup.
The solution is archiving software – an email server add-in that backs up each message as it goes through the server rather then waiting for the nightly backup. Such things exist. The cost, combined with the cost of a second server and a second set of backup tapes, will be “taken under advisement” by your manager.
Until after a scandal like this one.
Re: Re: Re:
A well-designed mail server should (and, I think, can) be able to be configured so that none of those issues, except for the “cost of replacement tapes” factor, will result in the loss of the E-mails.
One way to do it would be for the server to simply split off and archive everything that comes in, before it gets to the point of being visible on the server where a mail client could see it – just as the server can pull out mail it judges to be spam, before that mail gets to where a client has a chance to see it.
Another way would be for the server to respond to a client’s “delete this message from the server” request (whether POP3 or otherwise) by either flagging the message “don’t show”, or outright archiving it on the server end (and removing it from where the user’s account can access it, and ceasing to count it against the user’s storage allotment), but not by actually deleting it.
The latter solution wouldn’t address the IMAP issue you cite (at least not without opening the server up to a DoS from excessive disk-space consumption), but I think the former would.
Also, I’d think a well-designed backup system would let you restore individual E-mails – or at least individual accounts – rather than only the entire backed-up data set at once…
Re: Re: Re:
Er. I now see that you mentioned at least one of my cited solutions yourself; I just didn’t parse your comment correctly. Sorry for the noise.
“The question is still: conspiracy or colossal screwup?”
Why not both?
Re: Re:
“Never attribute to malice that which can be adequately explained by stupidity.”
— Hanlon’s Razor
“Sufficiently advanced stupidity is indistinguishable from malice.”
— Clarke’s Corollary
Re: Re: Re:
Of course, but then the US Government, in its current incarnation, seems to be extremely petty and vindictive when it comes to imformation requests.
Re: More corrupt than screwup (my new rap theme)
They “lost” all remaining emails after the MS news outlets didn’t even mention the Lois Loser lost emails.
News outlets are covering for this armature administration and the corrupt entities they agree with, i.e. the IRS targeting non-liberals.
Next question:
Who was in charge of IT at the IRS during the time period in question, and is that person still employed?
Re: Next question:
They’ll probably fire Bob from Tier 1 IT support who had absolutely nothing to do whatsoever from the backup or maintenance of any of the items in question as a show while all the leadership who made all the decisions remain untouched.
See? We fixed the problem.
Re: Next question:
He’ll probably get a promotion for ensuring that incriminating information was ‘accidentally’ deleted.
conservative groups?
C’mon, really? You’re not even gonna call bullshit on them pretending the IRS is targeting conservatives when 2 of the 3 groups mentioned are obviously not conservative?
Then again, you are quoting The National Review, a giant WTF all by itself.
Re: conservative groups?
We already know that more non-conservative groups were targeted and reviewed. It just suggests to me that something more deeply stupid and weird is going on in Coverupistan.
Re: Re: conservative groups?
It’s probably a false flag operation being conducted by Darrell Issa,
Something is rotten in the state of Denmark. And it sure as hell ain’t Danish blue cheese.
Deliberate destruction of those E-mails is prima facie obstruction of justice. On the other hand, if it is stupidity, it is the most boneheaded stupidity one can possibly imagine, and the entire IT department of the IRS should be fired immediately for incompetence, losing all pension and benefits.
No biannual/annual backups?
“For disaster recovery purposes, the IRS does a daily back-up of its email servers. ? Prior to May 2013, these backups were retained on tape for six months, and then for cost efficiency, the back-up tapes were released for re-use.”
Which is sensible, but there should have been long-term retention of selected sets. As a rough (very rough) example, “keep the backups from the 15th of each month for 3 years”, “keep the backups from the 15th of Jan, Apr, Jul, Oct for 6 years”, “keep the backups from the 15th of Apr and Oct for 10 years”. Schemes like this — and there are many of them, with their advantages and disadvantages — provide at least partial coverage of time periods increasingly in the past while not requiring a warehouse of tapes.
I also find myself wondering why they didn’t interpose a monitoring MTA in between the Exchange server (ugh) and the outside world, with that MTA configured to silently copy EVERYTHING to sufficiently large storage that was itself backed up and which used rotated-by-day files that were never truncated — only deleted once they were verified to exist on (say) 5 or 9 or 17 backups. This would provide comprehensive coverage of all email traffic and it would insulate against single-tape failures — which of course become more common as tapes age.
Neither of these is a “solution”, per se; they’re back-of-the-envelope grade outlines of solutions. But I would think (and hope) that the IRS has personnel who’ve thought through these issues in detail and engineered workable, tested solutions that achieve compliance with record retention statutes/regulations.
Multiple counts of both is more like it.
Email
> Currently, the average individual employee’s
> email box limit is 500 megabytes, which
> translates to approximately 6,000 emails
I work for a federal agency, using Microsoft Exchange, and our inboxes are limited to 300 MB. About every two weeks, I start getting little auto-generated nastygrams from the system that says my inbox is close to full and that I need to do some housecleaning.
I’ve often thought how ridiculous it is that the limit is so low, considering that a single email attachment these days can easily be half the total storage alotment per user.
So when I get audited by the IRS, I can claim computer crash as a valid reason for not being able to reproduce any needed “evidence” for the audit???
Re: Re:
Hahaha no, if your average citizen tried this when dealing with the IRS, they’d be behind bars or facing criminal charges within the week.
Re: Re:
no just tell them you sent the information to louis lerner in an email attachment during the time the emails disappeared, what can they say then?
Re: Re: Re:
“Send it again.”
IRS Standards
Can taxpayers challenge the IRS because of their demonstrated backup policy is inadequate?
Malware
A rash of computer crashes is also not unbelievable, if they had a common cause, such as a spreading malware infection.
In particular, one wonders if the IRS came down with a nasty case of Cryptolocker back when that was doing the rounds…
I lost that audit letter, too. Weird, right? I’m glad the IRS is so forgiving about these things.
Puzzled
I am puzzled as to how a computer crash could destroy a backup on tape.
Presumably, when a computer crashes (realistically, a hard disk crashes) the data is restored from the backups and then resumes being backed-up in the normal cycles. Or was there just a collective shrug of the shoulders after a disk crash?
I am reminded of the scene in “Yes Minister” when he refers to 1967 as a marvellous winter:
Simple ... Emails go somewhere
All of these emails went somewhere. All of those computers didn’t crash. Now let’s see… Barry, we need to examine the emails of the whitehouse… all of them….
That is electronic communications. Can’t the NSA just give us access to their copies of the email?
Government Speak: “The computers crashed all around the same time.”
Translation: “The dog ate my homework.”
Best Practices
Interesting how these things work.
I remember the Bush administration losing a ton of mails when they used their private/for work server shared between republicans. Did that ever get resolved?
Seems the U.S. government could benefit from some pretty widespread best practices utilized by all political parties.
Just a thought, isn’t HTML a derivative of the government markup language. They used to know what they were doing.
The IRS policy makes perfect sense, if the purpose is to limit ANY investigation. It makes it simple to destroy evidence, regardless of any judges rulings or congressional requests.
analyze this
(prediction sarc)
Next, we’ll be analysing email headers and arguing about software and RFC’s.
Meanwhile there’s been plenty of time to setup two servers running backdates and re-email a parallel construction in secret, edit the logs and wipe the data, presenting the new “parallel data” and logs show harddrive fail (or some such nonsense)
Slap on a “state secrets” stickers, “privacy stickers” and
“NEXT!”
This is BS
The IRS can audit any taxpayer for as far back as 7 years and so we are expected to keep our financial records at least that long. But the IRS can just ignore the laws expecting them to keep records to show accountability with the public whenever it might be slightly inconvenient to its management when engaging in ethically dubious behavior. Great.
Re: This is BS
“when engaging in ethically dubious behavior.”
You mean like targeting liberal groups?
Just remember folks, all of the people involved have 30-50 more years of life that they have to get thru without the truth coming out. They are screwed and any plans for a peaceful retirement are gone for them.
We will get them in the end. A 70 year old being charged with treason is just as good as a 40 year old being charged with treason.
Knee jerk reflex or covering for suckitude?
It may well be that many government agencies have developed such a bunker mentality in regards to releasing information to the public that they simply don’t have the institutional ability to maintain records as they should.
As for covering up a conspiracy, the scandal that’s been hyped isn’t particularly scandalous. The IRS was denying charitable status to organizations that pretty egregiously did not fall within the guidelines- *shock*. The charge that it was a matter of selective enforcement has mostly fizzled upon finding that groups from across the ideological spectrum were examined. I doubt that there would be much more meat in any emails as far as showing some partisan war on conservatives. What I think might be there is a chain of emails from Lerner or other high ranking officials showing them absolutely adrift in determining what to do about the flood of inappropriate c4 applications.
This is the agency that has been repeatedly taunted by pastors organizing events around defying the ban on religious c3 groups engaging in electioneering. Up until this scandalous crackdown, political operations were routinely organizing as charitable groups with no repercussions. Even in cracking down on political non-profits, the targeting was awfully tentative. The existing behemoths that operated in the recent elections got a pass, and most of the groups that made it on the naughty list were not only explicitly in violation of the tax code, but were relatively amateurish local organizations.
In all, the IRS has absolutely sucked at policing tax-exempt groups and the best motive I can make out for them to stonewall is that they want to hide their incompetence rather than any partisan wrongdoing.
I’m learning from the best about how to properly and legally destroy evidence. Stall handing over information for a few years, then say all the backups have been recycled and the server crashed.
I don’t think this excuse would fly for anyone, except for a unaccountable government agency being provided with cover from the White House and DOJ.
The dog ate my homework.
The dog ate my homework.
Every time my PC crashes, I lose old saved documents from years ago…that weren’t open and being edited…
Re: Re:
ANd all the printouts in your drawers and pinned to the walls all vanish at the same time?
It would be more realistic to just say “erm..terrorists did it!”
Re: Re: Re:
Who prints out emails and pins them to their walls?
Re: Re: Re: Re:
Have you ever worked at a law firm? (And they keep telling us they’re trying to go paperless.. HA!)
The most transparent administration in history?
So this is the most transparent administration in history? I would agree, it is so transparent you can see right through their lies.
Of course the easiest solution (as used previously by this and the previous administration) is simply to declare anyone asking for these emails to be an enemy combatant….drone strike/mysterious suicide in 5.4.3.2.1…hey presto! no more scandal
501(c)4
I really don’t understand why you are covering this, it seems to be a purely partisan witch hunt designed to score points with the right.
That being said, there is, if we are being completely honest with these things, a DAM GOOD REASON to investigate any organization with “Tea Party” in it’s name, when they are applying for 501(c)4 status. 501(c)4 organizations are social welfare organizations (think your local civics club) that by law are not allowed to spend the majority of their money on political activities. So, if i were an examiner, and having limited time, i’m going to spend most of my time examining the applications of groups with political sounding names, as they may be better classified as a 527 organization.
Re: 501(c)4
I agree that this seemed to clearly be a witch hunt — until the IRS started losing pertinent emails. That’s incredibly suspicious.
So jail time? Oh that’s right, we don’t seek to imprison those who work in the government for breaking laws targeting the peons.
Losing heads
I tell you, the government would lose its head, if it wasn’t attached. Oh, wait…
They lose it all the time. Anytime the email/video/recording/paper is embarrassing, involves a little business quid pro quo, or wrongdoing is involved.
It’s predictable as a clock: Embarrassing that we can’t find $1 billion – “Oops, lost our head.” Involves a little quid pro quo in the form of a massive bribe – “Oops, lost our head.” Agent beat the hell out of, tased, and then executed a man in a wheel chair – “Sorry, lost our head.”
There should be a law that any lost items equals an automatic $1 million reduction in budget. What a wonderful thought: That the government would wind up owing us to do their jobs.
Technology cannot replace...
…honest men and women.
How come the criminal, thieving IRS
never loses my W-4 form???