Lankford Demands Answers to Ensure Taxpayer Data Security Ahead of Senate Finance Hearing

WASHINGTON, DC – One year after the massive data leak of Americans’ sensitive taxpayer information to ProPublica, Senator James Lankford (R-OK) today sent a letter to Treasury Secretary Janet Yellen about Treasury’s lack of response to the leak, which reportedly exposed a “vast trove” of IRS data on the returns of thousands of Americans, covering more than 15 years. Both the leak of sensitive taxpayer information from the government and its publication are punishable felonies. Lankford will participate in a Senate Finance Committee hearing with Secretary Yellen to ask her about this and whether or not her Department and the IRS can keep taxpayer information safe.

Lankford wrote in his letter, “It has been 364 days—almost one entire year—since this article, the first in a series of politicized reports identifying individual taxpayers by name, was published. That article states that ProPublica has obtained a “vast trove” of IRS data on the returns of thousands of Americans, covering more than 15 years. Almost one entire year without an ounce of information from your Department regarding how this happened, what steps are being taken to protect taxpayer data, and whether or not Americans’ confidential tax information is, in fact, safe. Almost one entire year with no resolution or assurance, no response to Congress, and no information to the American people.”

Lankford continued, “Unfortunately, I do not have reason to believe that this is, in fact, a top priority for your Department. Your silence with respect to this matter undermines the very tax administration that you oversee and the tax compliance that you seek. Therefore, as a Member of your authorizing Committee, and as an oversight function, I ask that you brief the Members of this Committee on IRS security protocols, processes, and procedures, and on steps taken to ensure that nothing like this ever happens again.”

Lankford continues to demand answers from Treasury on their mishandling of sensitive taxpayer data, their tremendous backlogs in processing tax returns, and their potential targeting of certain groups seeking tax-exempt status. In June 2021, Lankford and Senate Finance Committee Republicans immediately demanded an investigation following the apparent massive leak of more than 15 years of legally protected, personal taxpayer information from the Internal Revenue Service (IRS) to the media outlet ProPublica. In a letter to the Treasury Inspector General for Tax Administration (TIGTA), the senators noted the nature of the information suggests it came directly from the IRS, constituting a serious breach of privacy and criminal violation of tax law. Lankford also spoke on the Senate floor about the leak and questioned Treasury’s General Counsel about how the leak and publication, both of which are felonies, occurred.

You can read the full letter HERE and below:

Dear Secretary Yellen:

Our tax system—implemented and administered by the US Treasury Department (“the Department”), which you oversee—relies on the American public’s confidence in secure, impartial, and efficient tax administration. Unfortunately, recent events have called into question assurances of privacy and security, which, as a result, undermine confidence and threaten the public’s trust. As a Member of the Senate Finance Committee, I write today to express my concern over the Department’s casual indifference with respect to these issues and to request that you brief the Members of this Committee on the security of Americans’ confidential information held by the Internal Revenue Service (IRS).

On June 8, 2021, the media outlet ProPublica published an article titled “The Secret IRS Files: Trove of Never-Before-Seen Records Reveal how the Wealthiest Avoid Income Tax.” It has been 364 days—almost one entire year—since this article, the first in a series of politicized reports identifying individual taxpayers by name, was published. That article states that ProPublica has obtained a “vast trove” of IRS data on the returns of thousands of Americans, covering more than 15 years. Almost one entire year without an ounce of information from your Department regarding how this happened, what steps are being taken to protect taxpayer data, and whether or not Americans’ confidential tax information is, in fact, safe. Almost one entire year with no resolution or assurance, no response to Congress, and no information to the American people.

Unfortunately, this failure appears to be neither the first, nor likely the last, instance of security deficiencies plaguing the IRS and putting taxpayer information at risk. Recent findings from the Government Accountability Office (GAO) and the Treasury Inspector General for Tax Administration (TIGTA) have also generated concern for the security of Americans’ information. For example, in its Annual Assessment of the IRS’s Information Technology Program for Fiscal Year 2021, TIGTA declared that “[u]ntil the IRS takes steps to improve its security program deficiencies and fully implement all security program components in compliance with FISMA requirements, taxpayer data could be vulnerable to inappropriate and undetected use, modification, or disclosure.”

In addition, a recent report from GAO found that the IRS investigated and closed 1,694 cases of willful unauthorized access, attempted access, inspection, or disclosure of federal tax information by IRS employees between fiscal years 2012 and 2021. According to GAO, over 27% were substantiated as violations. An additional 22% of those cases were unresolved. This further calls into question the IRS’s ability to keep confidential taxpayer information safe.

Both the willful unauthorized inspection of taxpayer returns or return information by employees and contractors authorized to receive federal taxpayer information, and the willful unauthorized disclosure of a taxpayer’s return or return information are crimes under 26 U.S.C. § 7213A and 26 U.S.C. § 7213, respectively. To the extent that willful unauthorized access, inspection, and disclosure of return information is taking place amongst IRS employees or contractors, this should be of great concern to the Department and corresponding action should follow. Similarly, if inadequate security measures are making taxpayer data vulnerable to inappropriate use or disclosure, you have a responsibility to enhance security protocols taken by both the Department and the IRS.

As disclosures, security flaws, and possible attempts to weaponize protected data continue, the privacy and protection of confidential taxpayer data must be prioritized. Unfortunately, I do not have reason to believe that this is, in fact, a top priority for your Department. Your silence with respect to this matter undermines the very tax administration that you oversee and the tax compliance that you seek. Therefore, as a Member of your authorizing Committee, and as an oversight function, I ask that you brief the Members of this Committee on IRS security protocols, processes, and procedures, and on steps taken to ensure that nothing like this ever happens again.

Thank you for your attention to these matters. We look forward to a subsequent briefing on these issues.

In God We Trust,

###