WASHINGTON – Despite announcements of various inquiries and investigations, nothing is known about the source of the massive leak or hack of private taxpayer information ending up in the hands of advocates at ProPublica.  Meanwhile, the Internal Revenue Service (IRS) has said it does not yet even know whether there has been a threat of a breach, even as it promotes legislative mandates for massive increases in private taxpayer information flowing to the IRS from individuals’ accounts at financial institutions.  
 
U.S. Senate Finance Committee Ranking Member Mike Crapo (R-Idaho) and U.S. Senate Judiciary Ranking Member Chuck Grassley (R-Iowa) sent a letter to Treasury’s Inspector General for Tax Administration asking for an audit of IRS research activities, and security protocols surrounding those activities, as part of their oversight responsibilities and concerns over any avenue by which private taxpayer information may be put at risk of unauthorized disclosure. 
 
Our tax system is built on a foundation of voluntary compliance, and compliance rates have been steadily high.  As Crapo and Grassley have noted before, any unauthorized leak of private IRS taxpayer information threatens a key foundation of our system.
 
In the letter, the Members write: 
 
“Clearly, taxpayer information is vulnerable as shown by the apparent leak or hack of confidential information.  One longstanding way in which confidential taxpayer information is utilized is through research done in-house at the IRS, and by working with outside academics and researchers.  As long as little is known about the source of the information published by ProPublica, every avenue by which taxpayer data is accessed should be investigated.  Even legitimate efforts to anonymize data for research purposes may not adequately protect individuals from being identified by the resulting data.  The articles published by ProPublica are themselves a product of unknown individuals performing analysis of large amounts of complicated data, which suggests a possible connection to legitimate research functions.  Others in the research community have expressed concern that the leak or hack could have implications for researchers.”
 
Background: On June 8, the Senate Finance Committee held a hearing with IRS Commissioner Rettig titled “The IRS Fiscal Year 2022 Budget,” in which the Commissioner advocated for significant and permanent increases in funding for the IRS, partly on the basis of reducing the tax gap.  Immediately prior to the start of the hearing, ProPublica began disclosing confidential, private and legally-protected taxpayer information, naming particular individuals in an ongoing series of articles.  ProPublica claimed it had obtained a “vast trove of Internal Revenue Service data on the tax returns of thousands of the nation’s wealthiest people, covering more than 15 years.” 
 
Despite announcements of various inquiries and investigations, nothing is known about the source of the massive leak or hack.  In response to inquiries Crapo and Grassley made to the IRS Commissioner on August 10 about a major data-security breach at the IRS, the Commissioner responded on September 13 that “We do not yet know whether there has been a data breach or a threat of a breach.” 
 
The leak or hack of private taxpayer information and unauthorized disclosure by advocates at ProPublica cannot be ignored or swept under the rug.  The public needs to know that personal information provided to the IRS remains confidential, and not available for targeting or political agendas, especially in light of current efforts to expand private information collection on American taxpayers.
 
Full text of the letter can be found HERE.
 
-30-