One of the tax blogs that I faithfully read is Procedurally Taxing. Today, they noted a lawsuit against the IRS regarding the IRS’s procedures when a third-party calls them for taxpayer information. The author of the post is a tax attorney, Nick Xanthopoulos; he’s joined in the lawsuit by Professor Keith Fogg of Harvard University.
Suppose I have an IRS Power of Attorney (POA) or Tax Information Authorization (TIA) for a client, and I request information from the IRS (this could be a transcript, whether a payment is received, putting a client in “Currently Not Collectible Status”, having a misapplied payment applied correctly, etc.), the IRS agent will ask for my personally identifiable information at the start of the phone call (my social security number, date of birth, and occasionally some other information). This is in addition to what the IRS Internal Revenue Manual (IRM) (the IRM is the book of procedures IRS employees are supposed to follow) says is required to verify that I am authorized to represent a taxpayer (the taxpayer’s name, social security number, the tax year and forms we are authorized for, and our CAF number (an identifier assigned by the IRS to each tax professional who files a POA or TIA with the IRS)). Why does the IRS need my social security number? As today’s post notes:
In January 2018, the IRS changed the procedure with no advance notice, and obviously, no opportunity for comment by the effected parties. Since then, IRS employees begin nearly every phone call by forcing practitioners to say our own SSN, date of birth, and other personal information.
The IRS said they needed this information to make sure taxpayers were not victims of identity theft. Well, that’s well and good, but what about tax professionals being victims of identity theft? This information makes its way into the clients files; the post notes that the author has obtained recordings of calls through Freedom of Information Act (FOIA) requests. In two of these calls, one of the authors’ social security numbers was on the recorded call.
The tax professional community hasn’t thought that this ‘enhanced’ procedure is a great idea. “Practitioners should never be forced to choose between representing someone as effectively as possible and protecting ourselves from identity theft or other misuse of our own personal information,” is how the author puts it. So the author of the post filed a Freedom of Information Act request to see the IRS’s precautions on this information. The IRS sent the authors to a redacted version of IRM 21.1.3.3, claiming that releasing the whole thing would disclose guidelines for law enforcement investigation or prosecutions, and such disclosure could lead to circumvention of the law. The authors appealed, but the appeal was denied.
The authors filed a lawsuit in US District Court for the District of Minnesota. Their goal is not monetary; rather, it is, “…to find out answers to these questions so that the practitioner community can begin to have a voice in how its information is used by the IRS and protected from abuse.”
Do I have confidence in the IRS protecting my personally identifiable information? I think the IRS will try, but given their past results I don’t trust them at all. I am hopeful that the authors will prevail in their lawsuit and some transparency will throw open some IRS procedures.