Internal Revenue Service (IRS)

The Internal Revenue Service (IRS) maintains files on every taxpaying American in the United States. The IRS knows not only their names, Social Security numbers, bank account information, and addresses, but also where they work and how much they earn. This type of information is the kind of data that identity thieves, telemarketers, researchers, and countless others would like to get their hands on. This information is maintained in government databases and is secured from release to the general public. The Freedom of Information Act allows for such data to be shared by other agencies within the government so long as the individual is protected.
This information sharing is no different from a commercial bank sharing certain customer or account information with other divisions within its holding company. Similarly, when financial institutions hire third-party contractors, they must take special steps to maintain the privacy and security of their customers’ financial information. The IRS is no different. The American Jobs Creation Act of 2004 created Section 6206 of the IRS Code, allowing the IRS to use private companies as contractors to assist in collecting the estimated $12 billion in unpaid taxes owed to the U.S. government. This collection agency outsourcing is a cheap and efficient way for the government to collect unpaid taxes, as these contractors would keep only 25 percent of the revenues they collect. However, these contractors would also be privy to the records of the individuals who owe taxes. This is one additional security layer that must be maintained in order to protect information concerning the public.
The Internal Revenue Code, the Privacy Act of 1974, and the Freedom of Information Act protect the rights and the privacy of taxpayers. Under the Federal Information Security Management Act, federal government agencies are required to prepare annual reports about their security procedures to the Tax Administration. The Internal Revenue Service also performs evaluations, called Privacy Impact Assessments, on computer systems and software applications to identify any holes in the system that could leak personally identifiable information to outside sources.
The Internal Revenue Service and other agencies maintain the privacy of individual taxpayer information and protect this information from release to the public. These organizations, however, have the right to analyze taxpayer data in aggregate for the purpose of decision-making. By evaluating an entire population of taxpayer data, the Internal Revenue Service can draw conclusions and create reports on trends and statistical analysis. These reports never reveal any specific information pertaining to an individual taxpayer and thus maintain an individual’s privacy. Only government employees who are held to the same data security standards used to protect individual data would perform these analyses.
The Internal Revenue Service may disclose individual taxpayer data from their data systems only with the written consent of the taxpayer in question. The exceptions to this rule are many; they focus mainly on providing such data to government agencies outside the scope of the Internal Revenue Service. The United States Census Bureau, for example, may access individual data strictly for the purpose of planning and performing statistical analysis with data from other agencies as allowed by Title 13. Individual taxpayer data may be provided to an individual as long as adequate written assurance is provided that these records will not be released and will be used strictly for statistical purposes with results that do not lead back to any single individual. If such a release of individually identifiable data should occur, then the person who had received the data from the Internal Revenue Service would be subject to fines and possible imprisonment. Data on an individual may also be provided, without consent, to law enforcement agencies for prosecuting criminal and civil activities so long as the director of the law enforcement agency makes assurances that the data will not be released to the general public.
Any instance in which the Internal Revenue Service releases individual data is logged in a central database by the IRS along with the date, nature, and purpose of disclosure to any person or agency for each record. These transcriptions are maintained for a period of not less than five years. This database is designed to assist in the determination of whether individual information has been released and who would be held responsible in the event of a leak.
Once an individual prepares his or her tax return and sends it to the local IRS processing center, there is the expectation that this information remains private. However, the U.S. government is able to use the information provided on the tax return in many ways. Most commonly, the data are aggregated to assist U.S. government agencies in making better decisions in all areas of the government.