IRS

IRS Basically Plastering Your Social Security Numbers on Billboards Now, Because Why Not?

Tax agency overuse of sensitive personal info makes more opportunities for identity thieves.

|

credit: 401(K) 2013 / Foter / CC BY-SA

The IRS continues to recklessly print Social Security Numbers (SSNs) on hundreds of millions of notices and letters, despite warnings that this practice dangerously exposes sensitive personal information, and years of pressure to reduce the use of SSNs on documentation.

In fact, the tax agency doesn't even have procedures in place to fully track its use of SSNs, according to a report by the Treasury Inspector General for Tax Administration (TIGTA), a tax agency watchdog.

In a press release today, the watchdog warned that even though "a person's Social Security Number is the most valuable piece of personal data identity thieves can obtain….The fact that the IRS does not have processes and procedures to accurately identify all correspondence that contain Social Security Numbers remains a concern." In short, the IRS is so casual about the use of SSNs on documents that it doesn't even really know all the ways that it uses them. What's clear, though, is that they're used an awful lot.

That creates a potentially huge identity theft problem for hundreds of millions of Americans. As the full TIGTA report notes, the Federal Trade Commission has warned that mail theft is common amongst identity thieves.

And the IRS sends a huge amount of mail with SSNs included. In the 2014 fiscal year, the tax agency mailed in excess of 141 million notices and 37 million letters, TIGA reports, most of which still contain personal info.

The IRS was supposed to cut down on the use of SSNs years ago. The Office of Management and Budget ordered the agency to get rid of unnecessary by 2009, but the agency didn't comply, and in 2011 suspended its ongoing SSN Elimination Reduction Program entirely, complaining of limited funding. (How much money does it really take to remove or redact SSNs from widespread use?)

Anyway, the IRS hasn't made much effort to fulfill its mandate. A previous TIGTA review found no "significant progress" in reducing the use of unnecessary SSNs, and the latest from the watchdog finds only "limited progress" as of January 2015, with the IRS removing SSNs from 2 percent of the 2,749 types of letters it sends out, and 48 percent of the 195 types of notices it issues.

In other words, the IRS is, as usual, making life more difficult for ordinary taxpayers. On the other hand, it is continuing to ensure plenty of opportunity for identity thieves. 

Advertisement

NEXT: Milk: Government Nutrition Nannies Wrong Again?

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of Reason.com or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

  1. “Don’t worry. That number will never be used as some sort of universal national identification.”

    1. +1 New Deal

  2. #BTFSSTG

    1. Hey, the reboot was good for the first like three seasons.

      1. No, no, Hugh, she’s making some weird reference to Roald Dahl’s Big Friendly Giant. Why? I have no idea. It’s Nicole.

        1. That’s fine too. For a minute I was afraid she was talking about behind the scenes of TNG. Which I think is just a picture of Rick Berman with a nosebleed calling Marina Siritis ‘sweetcheeks’.

          1. As long as he doesn’t call Denise Crosby that, I can handle that image. Especially if Dwight Schultz gave him that bloody nose.

            1. The nosebleed is from all the cocaine.

              1. That’s what I said, Hugh. Dwight Schultz. Or did you think Howlin’ Mad Murdock wasn’t ripped on blow all the time?

                    1. Is that Werner Brandes?

                    2. No. They look and act very similar, but no.

                    3. So his voice isn’t his passport?

                    4. Strangely enough, Stephen Tobolowsky doesn’t just look like Brandes, he sounds like him too. It’s weird.

                      Now say SETEC ASTRONOMY 10 times fast.

  3. Has anyone compared the costs of protecting customers’ personally identifiable information (PII) to the cost of just insuring customers against identity theft, detecting the theft and prosecuting the thieves? Part of me thinks the second route might actually be cheaper, given how easy it seems to be for PII to slip through everyone’s fingers online.

    1. Identity theft is just another word for bank fraud that banks use to make it sound like it’s not their fault for giving out loans to the wrong person.

      1. Got it in one. If I get a credit card in Loretta Lynn’s name, max it out, and never make a payment, is it her fault? Of course not. The bank made an agreement with me, not her, albeit under false pretenses. I’m responsible and the bank is the primary victim; any harm to Ms. Lynn is arbitrarily forced by the bank reporting her for nonpayment when the real fault is their failure to perform due diligence.

        Also, is it me or does it seem like the fact that lending banks will happily lend you thousands of dollars without seeing you in person with a photo ID tends to indicate that they’ve got the identity theft game wrapped up? I mean, if I want to borrow $1000 from my bank I’ve got to show up in person with ID, references, and sign any number of forms, but I could get a credit card with a $10k limit online in minutes.

  4. (How much money does it really take to remove or redact SSNs from widespread use?)

    Spaulding: What do you fellas get an hour?
    Ravelli: For playing, we get-a ten dollars an hour.
    Spaulding: I see. What do you get for not playing?
    Ravelli: Twelve dollars an hour.
    Spaulding: Well, clip me off a piece of that.
    Ravelli: Now for rehearsing, we make special rate. That’s-a fifteen dollars an hour…That’s-a for rehearsing.
    Spaulding: And what do you get for not rehearsing?
    Ravelli: You couldn’t afford it. You see, if we don’t rehearse, we a-don’t play, and if we don’t play (he snaps his finger) – that runs into money.

    1. +1 “How he got in my Pajama’s I’ll never know”

    2. Three chairs for Captain Spaulding !

  5. This was a huge issue for us as an employer, like many companies. We used SSN as an identifier, even on stuff like overtime runs that were posted in the workplace ROUTINELY in the 1990’s.

    We long ago eliminated its use, such that when one of my people inadvertantly sent out a document with a couple SSN’s in it – ALL OF WHICH WERE RETRIEVED, THUS PREVENTING ANY EXPOSURE – I STILL disciplined him with two weeks off for being careless, despite – literally – no harm occuring.

    And the IRS can’t eliminate an SSN from my fucking tax return in 2015? Of course they can’t – cause government.

    But let’s give them more power and take away everyone’s guns, while we’re at it.

    Fuck the government. Especially fuck the IRS, with a fucking woodchipper.

    1. That was three years ago I whacked the employee, just to provide timeframe.

      PS Fuck the IRS with Trump’s woodchipper.

      1. and that’s a Yuuuuge woodchipper.

  6. THE + IRS = THEIRS

    1. Omg deep! Like stepping out of The Matrix.

      1. You can’t spell the matrix without tax.

        1. Mind.Blown

    2. Electric Company?

  7. Didn’t the president make a big fuss about Target and Home Depot’s data breaches? Why the fuck haven’t we heard anything on the OPM and this bullshit?

    1. Mistakes were made. Steps were taken.

      Also, FY, TW.

  8. Government is the personal information we choose to steal together.

  9. Our SSNs are so exposed there is no way to put those animals back in the barn. I Imagine that issuing a ‘security code’ to pin to provide the illusion of security might work. The IRS is just a bunch of jack-booted fuck-heads. Who hired them anyway??

  10. Is anyone personally accountable for the problem ?
    No ?
    Incentives, how do they work ?

    1. You could fire the head of the IRS!

      …. and then he’d go work for a lobbyist and make 10 times what he does now.

  11. In other words, the IRS is, as usual, making life more difficult for ordinary taxpayers.

    This is a feature, not a bug. The IRS is another enforcement outfit. They’re a goon squad like the police, but instead of cracking skulls they perform audits. They are there to keep the proles in line and extract money from them. You are supposed to be terrified of them and what they can do to you, including losing your SSN data.

    The IRS are accountants who demand protection money. To think they will ever be reformed to be responsible assumes that they aren’t there to steal from you. Which is very, very wrong.

    1. Oh they’ll crack heads too. They’ve got their own SWAT team FFS.

      1. I think every federal department does at this point. That way they don’t need to rely on local law enforcement when they want to use violence on someone who fails to show sufficient respect.

  12. Google pay 97$ per hour my last pay check was $8500 working 1o hours a week online. My younger brother friend has been averaging 12k for months now and he works about 22 hours a week. I cant believe how easy it was once I tried it out.
    This is wha- I do…… ?????? http://www.buzznews99.com

    1. You need a math class, kid. You can’t make $8500 getting paid $97/hr for 1o hours. You’ve got to work at least 2e5g hours to make that kind of money.

  13. The Office of Management and Budget ordered the agency to get rid of unnecessary by 2009, but the agency didn’t comply, and in 2011 suspended its ongoing SSN Elimination Reduction Program entirely

    I suppose I could write the IRS a stern letter and claim that I’m ‘ordering’ the IRS to straighten up and fly right, but an order that can be freely ignored is not much of an order.

  14. The Office of Management and Budget ordered the agency to get rid of unnecessary by 2009, but the agency didn’t comply, and in 2011 suspended its ongoing SSN Elimination Reduction Program entirely

    I suppose I could write the IRS a stern letter and claim that I’m ‘ordering’ the IRS to straighten up and fly right, but an order that can be freely ignored is not much of an order.

  15. I recently received in the mail from the IRS a notice to inform me a refund check they issued to me was returned because of an incorrect address. They mailed me a notice, to the correct address, to inform me they did not have my correct address. Think on that for a moment… This is the level of thought commonly employed by government agencies. I don’t know how much the refund is for, nor the reason it was issued, or when, useful info you might put on the notice. Just a notice, presumably mailed to the same address, to tell me I was going to get a check for something, but currently am not getting due to their apparent incompetence. I’m sure if I call them, I’ll get put on hold for approximately three years before getting routed to a recording and cut off…

  16. The Office of Management and Budget ordered the agency to get rid of unnecessary by 2009, but the agency didn’t comply

    Emphasis added. Apparently it *did* comply.

  17. GOP Congressmen to Obama: Remove IRS Head Koskinen or We Will Impeach

    “At least we’ll plaster his Social Security number on billboards.”

  18. How much money does it really take to remove or redact SSNs from widespread use?

    Same as every other government project: more.

  19. There was a news report about how basically all California government agencies have inadequate systems and processes in place to protect personal data. As someone who works at a California company where we have to spend a lot of time and money to get these data protections in place for legal compliance, I get really steamed. If we suffer a data breach, we could be subject to a buttload of fines and penalties, not to mention contractual liabilities with our customers. If the government suffers a data breach, then… nothing. Any law that the government itself cannot or doesn’t have to comply with should be struck off the books.

  20. Well, they can do it,does not mean it should be ok!

Please to post comments

Comments are closed.