IRS Banner Fail

So I go to the IRS Page that allows taxpayers to check status of a refund. This is under the number “3” at the following URL–

The following banner pops up prior to setting a browser cookie.


I’m not a lawyer, so I have some questions regarding how to interpret this–

  1. Should this be read as–
    1. Use of this system constitutes consent to monitoring, interception, recording, reading, copying or capturing by authorized personnel of all activities. (or)
    2. Use of this system constitutes consent to monitoring, interception, recording, reading, copying or capturing by authorized personnel of all activities.
  2. And what does authorized personnel of all activities mean. If I use the system, I have to be authorized, or I’m breaking the law (as identified two sentences later–Unauthorized use is prohibited).
  3. So based on #2 above (authorized user). When I use that definition of authorized user in #1, the IRS isn’t accepting responsibility if I somehow happened to perform the following on another user’s information –  monitoring, interception, recording, reading, copying or capturing. (doesn’t exclude my accountability, but it certainly alleviates the IRS accountability)
  4. There is no right to privacy in this system“?
    1. So I’d hope the IRS can access my information, that is sort of the point of the system.
    2. But I also hope that data is private (meaning that the information isn’t publicly available), which is not what the banner states.

Okay, I know this is just a rant and it’ll probably flag me for an audit. Honestly, I’m as conservative as possible with my taxes. I just can’t resist being critical of a banner like this. I’m sure this went through some ridiculous amount of scrutiny and was agreed upon by a panel. Maybe it makes legal sense, but it sure doesn’t make sense to me.

BTW–I technically acknowledged this by clicking ok (so I could see it set the cookie). However, I didn’t go through the process of checking my status. I think I’ll just wait until my refund arrives. I hope none of that constitutes Unauthorized Use 😉

Disclaimer: This article includes the independent thoughts, opinions, commentary or technical detail of Paul Stewart. This may or may does not reflect the position of past, present or future employers.

About Paul Stewart, CCIE 26009 (Security)

Paul is a Network and Security Engineer, Trainer and Blogger who enjoys understanding how things really work. With over 15 years of experience in the technology industry, Paul has helped many organizations build, maintain and secure their networks and systems.
This entry was posted in Other. Bookmark the permalink.

2 Responses to IRS Banner Fail

  1. ariel says:

    I was also weary when I saw this, I guess I cant e-file without signing away all my privacy? This is so vague to me.

  2. Gabriel says:

    Hey Paul,

    Love your blog! I work on several moderate level security government contracts. Part of DHS compliance, is that you have their pre-set banner on the login screens of all desktops, and the networking equipment within that government boundary. It is very similar to the banner from the tax site, just a little more comprehensive. They actually changed it within the last year, and we had to update it :), added a little more verbiage to the legal stuff (though I am sure nobody ever reads it!)

    Just one of those “check boxes” that the government demands on anything that can contain some of its data / meet DHS set requirements.

Comments are closed.