Can the IRS survive the "Get Transcript" hacking?

On 26 January 2014, my American Thinker blog posting expressed data security and identity theft concerns anent to the Internal Revenue Service's "Get Transcript" program, which purposes to efficiently provide individual taxpayers with their official IRS records so that the taxpayers might square away their accounts.  Now, sixteen months later, my pessimistic projections have been most unhappily validated.  The personal data of individual taxpayers stored in the IRS's data banks has indeed been hacked via the "Get Transcript" program.

As aptly noted by Mark J. Fitzgibbons in a May 27 American Thinker posting, the IRS's top leadership apparently has yet to adequately internalize the gravity of the situation.  It is again noted that the identity theft-related tax fraud issue was expounded upon at a congressional hearing in 1979, at which time the IRS was put on notice of the problem.

Though there have been a few reported instances of IRS employee complicity in identity theft schemes, until now the IRS's contribution to identity theft damage has, by and large, been in its poor data stewardship.  Heretofore, the IRS has been a soft target for identity thieves who already have the stolen identities in hand, and has made payouts upon being presented with the illicitly obtained information.  With this latest "Get Transcript" hacking, however, the IRS has morphed from being a victim of secondary deception to being a primary source of the sensitive data.  It is no longer the IRS's poor data stewardship; now the very security of the data entrusted to the IRS itself has been seriously compromised.

There likely will be more developments in this story line – this posting will not now venture guesses as to whether this latest data breach involved an inside confederate operative; whether the extent of the problem has been understated by the IRS; whether the affected taxpayers, to whom the IRS has promised special scrutiny to their accounts, will thereby be subjected to an increased risk of an overly intrusive tax audit; or even the identity or nature of the perpetuators.

There is no need to remind the reader that data security and identity theft are not the only IRS issues that have made the news.  In addition to the political misuses of the IRS, there was the public broadcast of a taxpayer's conversation with an IRS agent.  If such serial blunders were done by a subsidiary or division of a large corporation, the disbandment of that division or subsidiary would surely be given serious thought in the parent corporation's boardroom.

Perhaps the incident may prove to be a sea change for the question of whether the IRS should continue to exist as we know it.  If the IRS doesn't accord a weighty value to the incident, some people in Congress certainly have.  The incident may well add fuel to the fire in the discourse about whether the IRS should be abolished.  But abolishing the IRS is easier said than done, not the least because the IRS cannot truly be abolished unless Obamacare, and indeed, the income tax itself, are also abolished.

Kenneth H. Ryesky is a lawyer who has taught business law and taxation at Queens College CUNY.  He formerly served as an attorney for the IRS.

On 26 January 2014, my American Thinker blog posting expressed data security and identity theft concerns anent to the Internal Revenue Service's "Get Transcript" program, which purposes to efficiently provide individual taxpayers with their official IRS records so that the taxpayers might square away their accounts.  Now, sixteen months later, my pessimistic projections have been most unhappily validated.  The personal data of individual taxpayers stored in the IRS's data banks has indeed been hacked via the "Get Transcript" program.

As aptly noted by Mark J. Fitzgibbons in a May 27 American Thinker posting, the IRS's top leadership apparently has yet to adequately internalize the gravity of the situation.  It is again noted that the identity theft-related tax fraud issue was expounded upon at a congressional hearing in 1979, at which time the IRS was put on notice of the problem.

Though there have been a few reported instances of IRS employee complicity in identity theft schemes, until now the IRS's contribution to identity theft damage has, by and large, been in its poor data stewardship.  Heretofore, the IRS has been a soft target for identity thieves who already have the stolen identities in hand, and has made payouts upon being presented with the illicitly obtained information.  With this latest "Get Transcript" hacking, however, the IRS has morphed from being a victim of secondary deception to being a primary source of the sensitive data.  It is no longer the IRS's poor data stewardship; now the very security of the data entrusted to the IRS itself has been seriously compromised.

There likely will be more developments in this story line – this posting will not now venture guesses as to whether this latest data breach involved an inside confederate operative; whether the extent of the problem has been understated by the IRS; whether the affected taxpayers, to whom the IRS has promised special scrutiny to their accounts, will thereby be subjected to an increased risk of an overly intrusive tax audit; or even the identity or nature of the perpetuators.

There is no need to remind the reader that data security and identity theft are not the only IRS issues that have made the news.  In addition to the political misuses of the IRS, there was the public broadcast of a taxpayer's conversation with an IRS agent.  If such serial blunders were done by a subsidiary or division of a large corporation, the disbandment of that division or subsidiary would surely be given serious thought in the parent corporation's boardroom.

Perhaps the incident may prove to be a sea change for the question of whether the IRS should continue to exist as we know it.  If the IRS doesn't accord a weighty value to the incident, some people in Congress certainly have.  The incident may well add fuel to the fire in the discourse about whether the IRS should be abolished.  But abolishing the IRS is easier said than done, not the least because the IRS cannot truly be abolished unless Obamacare, and indeed, the income tax itself, are also abolished.

Kenneth H. Ryesky is a lawyer who has taught business law and taxation at Queens College CUNY.  He formerly served as an attorney for the IRS.