Guest column submitted by U.S. Senator Mike Crapo
Taxpayers have certain fundamental rights when it comes to dealing with the Internal Revenue Service (IRS), including the right to privacy and the right to confidentiality. From serious breaches of confidential taxpayer data and document mismanagement to poor cybersecurity training and infrastructure vulnerabilities, the IRS has a decades-long and troubled history with adequately protecting American taxpayers’ information. One particularly egregious event in recent history was the unauthorized disclosure of private, legally-protected IRS data to online news source ProPublica—an incident of which little has been revealed, despite an ongoing, years-long investigation by multiple agencies.
As Ranking Member of the Senate Finance Committee, I asked the Government Accountability Office (GAO) to review the data security practices used by the IRS to ensure the agency was implementing robust processes and procedures to fully protect tax filers’ personal data. GAO recently released its report, and the findings are not reassuring. The report highlights new and longstanding unresolved security risks surrounding the safety of confidential taxpayer information at the IRS. The report identifies dozens of security weaknesses at the agency, many of which have been known by the IRS for years, and makes multiple recommendations aimed at safeguarding and protecting taxpayer information.
Among the GAO report’s findings:
In addition to highlighting the dozens of prior recommendations, the GAO reported the IRS has thus-far failed to take comprehensive action to “significantly improve IRS’s ability to safeguard taxpayer information.” The GAO also makes 15 new recommendations to the IRS, including to: establish agency-wide training completion goals for contractors; maintain comprehensive inventory of systems that store taxpayer information; and risk-assess its methods of data transferals to contractors.
Now, in addition to tax collector and enforcer, the agency wants to act as tax preparer, despite the evidence showing it is unprepared to be trusted with such responsibility. Instead of devoting time and resources to developing new federal programs that would collect and expose even more sensitive information from taxpayers, the IRS should instead focus on addressing its security weaknesses and improving its woeful customer service. Protecting taxpayer privacy must be a top priority for the IRS, and I will keep fighting to hold the agency to a higher standard for Idaho taxpayers.
# # #