Finance Republicans raise privacy concerns with IRS collaboration

0

Washington DC–U.S. Senate Finance Committee Ranking Member Mike Crapo (R-Idaho) and Republicans on the Finance Committee ask the Internal Revenue Service (IRS) for information on a recent collaboration with the nonprofit group Code for America (CFA), a partnership to help Americans claim child tax credits.

In the letter, members raise several security and privacy concerns, especially in light of the massive leak of private taxpayer information from the IRS to ProPublica, and as Democrats seek to almost double the IRS funding.

From letter:

“With the clearly increased presence of the CFA in tax preparation activities and the approval of the CFA by the federal government, it is essential that Congress obtain documents and know that protecting the privacy of taxpayers is not threatened.

“In light of an alleged IRS data leak to ProPublica which includes personally identifiable information and has been used for politicized articles, and given that taxpayer information is believed to be protected under federal law and its law. application, it is of the utmost importance that privacy protections are closely scrutinized.

Republicans on the Finance Committee sign the letter:

  • Mike Crapo (R-Idaho, Ranking Member)
  • Chuck Grassley (R-Iowa)
  • John Thune (R-South Dakota)
  • Richard Burr (R-North Carolina)
  • Rob Portman (R-Ohio)
  • Pat Toomey (R-Pennsylvania)
  • Bill Cassidy (R-Louisiana)
  • James Lankford (R-Oklahoma)
  • Todd Young (R-Indiana)
  • John Barrasso (R-Wyoming)

Read the letter here or below:

Dear Commissioner Rettig,

On September 1, 2021, the Treasury Department announced a “collaboration” of the Treasury, the White House and the Code for America (CFA) on an Internet-based tax tool for people who have not filed a tax return necessary but who wish to benefit from a child tax credit. (CCT). The release included a link to the CFA website and registration portal where individuals can access the CFA software to prepare and submit the tax returns necessary to receive the CTC and possibly other stimulus payments.

Along with the Treasury announcement, the White House changed its CTC website by replacing the IRS “Child Tax Credit Update Portal” with hyperlinks to www.getctc.org. Some see this replacement as an approval or preference by the federal government for CTC-eligible people to use the CFA software rather than the IRS software.

CFA also owns www.getyourrefund.org, an Internet portal offering a “free” tax return. With the clearly increased presence of the CFA in tax preparation activities and the approval of the CFA by the federal government, it is essential that Congress obtain documents and know that the protection of taxpayer privacy does not exist. is not threatened. In light of an alleged IRS data leak to ProPublica that includes personally identifiable information and was used for politicized articles, and given that taxpayer information is believed to be protected by federal law and its enforcement , it is of the utmost importance that the protection of privacy be closely scrutinized.

Due to the recently established collaboration between the executive branch and the CFA, we are interested in obtaining information about the IRS’s collaboration with the CFA, including documentation of compliance with all necessary taxpayer and privacy protections. To this end, please respond to the following questions and requests by January 17, 2021.

  1. Please provide any agreement between the IRS and the CFA, including any grants.
  2. Has CFA received any Volunteer Tax Assistance (VITA) or Elderly Tax Advice (TCE) grants? If so, please provide documentation, including Form 15272, compliance with safety procedures, any coordinated corrective action, and proof that CFA has met all grant requirements and documentation necessary to ensure compliance with the terms and conditions of VITA and TCE.
  3. To the extent that CFA has received VITA grants, please identify all CFA tasks, projects and programs for which these grants are used.
  4. Did the IRS provide information technology, including equipment, to CFA?
  5. Did the IRS exercise due diligence regarding DWI activities before the Treasury announced the federal government’s collaboration? If so, please describe the review process and the corresponding analysis and conclusions, including the analysis of CFA’s privacy policy posted on www.getctc.org.
  6. Given the sensitive nature of the reporting information and the apparent massive leak of a “vast treasure chest” of taxpayer information to ProPublica, please provide a full description of the CFA security protocols used in any collaborative context of IRS with CFA to protect tax return information, including any relevant compliance with Publication 4299 and the six security, privacy, and business standards detailed in Publication 1345.
  7. Did the CFA report a security incident, as described in publication 1345, to the IRS? If so, please summarize each incident.
  8. Is the CFA authorized by the IRS to be part of the e-File program?
  9. If CFA is an IRS Certified Electronic File Provider, please identify and document it, including the rationale for CFA meeting the requirements of the IRS Document “Become an Authorized Electronic File Provider”. Please also indicate when CFA applied to become an IRS Certified Electronic File Provider and when approval was granted.
  10. Prior to September 1, 2021, how much time did the IRS spend developing its own CTC portal?
  11. Please provide the previous CFA tax year with reports of potential identity theft reimbursement fraud activity and its compliance, including the CFA number from Form 3949-A filed with the IRS. Did the CFA miss reporting deadlines?
  12. Has the IRS received a Form 14242, 14157, 14157-A, or 13909 related to the DWI? If so, please summarize each report, complaint or affidavit.
  13. Is CFA a participating member of the Security Summit or the Identity Theft Tax Refund and Fraud Information Sharing and Analysis Center?
  14. Identify the number of returns that were submitted through www.getctc.org and, separately, through the IRS CTC portal and, for each of the two portal entries, what percentage of returns were rejected?
  15. To your knowledge, how many refund deposits generated through www.getctc.org were made to accounts that were not in the filer’s name, to an account outside of the US, or credited to a debit card?

I look forward to receiving details of third-party collaborations regarding CTC by January 17th. Please also arrange for your staff to provide a briefing to our finance committee staff within the next month.

Truly,


Source link

Share.

Comments are closed.