IRS Negligence Destroys Your Privacy
Sunday, January 13th, 2019 @ 4:34AM
When under the gun from IRS auditors and investigators your records are scrutinized as intensely and meticulously as possible. Yet, when it comes to the IRS’s requirements for following the rules about proper care and diligence of sensitive taxpayer information, they’re more careless than you can imagine.
The IRS has rules about what types of information must be transmitted through a secure and encrypted e-mail service, but a TIGTA investigation of IRS communications found that approximately 49% of IRS employees had used unsecure messaging services to transmit sensitive taxpayer information.
With 95% statistical confidence the investigation concluded that between 614,867 and 1,674,631 unencrypted messages were transmitted containing tax returns and personally identifiable information for the year of investigation.
They estimated that as high as 71,401,886 taxpayers could have had their information jeopardized.
This is not a trivial issue; cyber security breaches are making headline news non-stop. According to a Thales cyber security report, 57% of federal agencies had their data breached in 2018, three times as many as in 2016.
The IRS has a codified policy of harsh penalties for its employees, including the prospect of removal for sending personally identifiable information through unsecure means; however, the investigation concluded that “there was no evidence provided that these penalties were enforced.”
The IRS maintains a labyrinth of tax traps in a 70,000 page maze of a tax code. Whenever a violation of one of the seemingly infinite rules in the tax code is found on a tax return, penalties are alleged no questions asked. Of course, this harsh and unforgiving standard for policing taxpayers is not directed at their own misconduct.
Time and time again the IRS is held to and self-polices under a different standard then the taxpayers it ostensibly serves.