Monday, January 25, 2016

The IRS, taxpayer data, and evidence spoliation

According to an article from Americans for Tax Reform, the IRS has admitted that it wiped a hard drive containing key data for a FOIA request, despite a judge's order to preserve it.  Surprisingly, the FOIA request came from Microsoft and was in response to what appeared to be shenanigans in hiring outside counsel for a tax auditing case at a cost of $2.2 million to the taxpayers.  The firm was charging $1000/hr despite having no actual experience in the subject matter.  The FOIA request was part of an effort to investigate corruption, and the loss of the digital evidence may now make it impossible to determine the circumstances under which this firm was hired.

The IRS has failed to preserve digital evidence in other cases as well.  Previously it destroyed evidence on more than 400 backup tapes containing potentially incriminating email.

If you work in private business, you should definitely take heed.  Unlike the IRS, if you fail to preserve evidence after being ordered to do so, there will very likely be substantial consequences.  A spoliation ruling from a judge is devastating to your case in any lawsuit.

At Rendition Infosec, we always advise clients to develop policies surrounding litigation holds.  In any large company, it's only a matter of time before you are served with a preservation order/litigation hold.  Getting the response wrong can cost you big time, so in addition to creating a policy, organizations should also test the policy in tabletop exercises.  Like so many things in infosec, this is a place where an ounce of prevention can be worth a pound of cure.
