The Privacy of Your Tax Data? Fuggeddaboutit!
To Our Valued Clients and Friends:
From our nation’s Tax Code:
“Taxpayers have the right to expect that any information they provide to the IRS will not be disclosed unless authorized by the taxpayer or by law. Taxpayers have the right to expect appropriate action will be taken against employees, return preparers, and others who wrongfully use or disclose taxpayer return information.”
On June 8, 2021, the news site ProPublica published confidential tax information pertaining to some of the nation’s wealthiest individuals, naming the taxpayers and associating these names with their data, including income and Federal income tax paid. ProPublica asserted that they received some 15 years’ worth of this data, and would not disclose how the information was obtained.
The unauthorized disclosure, whether delivered to ProPublica by an IRS employee or a hacker, represents a criminal offense – it is illegal for IRS employees to release such information, and obviously, it is illegal to hack into the IRS’ systems to obtain it.
This is a matter of grave concern for every individual who values their rights and their privacy. Whoever is responsible for the release of this data has violated both – and not just the rights and privacy of the named individuals, but of all of us. If malefactors feel themselves entitled to access and publish (or arrange for publication of) the private financial details of any taxpayer, which are shared with the government under compulsion but with the assurance of confidentiality, who will be targeted next?
This is of course not the first time taxpayers have suffered from breaches of IRS data by hackers; however, it does represent the first time so much data on so many individuals has been published. And it is uncertain at this time whether a hacker was responsible for this particular breach.
It’s an awful thing to find our own tax account has been hacked, our refund claimed by a thief. But thieves exist, we know that – probably since Mr. Caveman at Cave 1B envied the stone knife of Mr. Caveman at 3A, or Mrs. Caveman at 4C swiped a mastodon leg from Mrs. Caveman’s fire at 7E.
The IRS has always responded with procedures, however burdensome, through which to recover what is ours.
But no theft or attempted theft of money is involved here; dissemination of the confidential financial information seems to have been the principal, if not the only, purpose of the data’s release.
How are we supposed to have confidence in the IRS’ ability to maintain our confidentiality, in light of this? The answer is, we cannot reasonably maintain such confidence.
While an investigation is underway as to how such a massive breach of confidentiality occurred, in a social climate which can give rise to such an occurrence, it’s wise, especially for the nation’s wealthier citizens, to consider the privacy of their confidential tax information effectively non-existent.
We have no privacy left.
This is particularly disquieting in light of the current Administration’s proposals to require banks and other institutions to provide even more of our sensitive data to the IRS than they do now.
In addition, the IRS is asking Congress to enact legislation to allow them to require the disclosure of taxpayers’ crypto-currency transaction data.
In other words, we are being asked to trust the IRS with ever-increasing amounts of our sensitive information, just as it is demonstrated that the agency has no ability to guarantee such data will remain confidential.
I’m appalled, frankly. And deeply troubled.
As a CPA, I live in a world of confidentiality – the privacy of my clients – and their financial data – is sacred to me.
But apparently not to everyone. And I want to urge caution for all of us – let’s share only what we are required to, and hope for the best.
Hope, in other words, that we are not interesting enough – yet – to people like the individual or individuals who illegally amassed this data and illegally provided it to a news organization that would publish it.
Have you experienced inconvenience or harm via a breach of any of your data? What did you do about it?
Please click here to email me directly – I’d really like to know about your experiences.
Until next Wednesday –