Lawmakers are calling on the Department of Justice to criminally charge several tax preparation firms for sharing user data with social media companies.
Tax information contains a host of private and sensitive information, information customers should have every right to expect will remain confidential and secure. Unfortunately, according to The Verge citing reporting by The Markup, TaxSlayer, H&R Block and TaxAct all embedded a pixel in their sites that transmitted a host of data to the social media giant, including names, emails, income, refunds, and dependent information, depending on the specific company in question. While some of the information was obfuscated, it was easily reversible. Similarly, TaxAct sent information to Google via Google Analytics.
Ramsey Solutions uses a customized version of TaxSlayer and says it was unaware that TaxSlayer used the pixel to send info to Meta.
“We did NOT know and were never notified that personal tax information was being collected by Facebook from the Pixel,” Ramsey spokesperson Megan McConnell said in a statement to The Verge. “As soon as we found out, we immediately informed TaxSlayer to deactivate the Pixel from Ramsey SmartTax.”
After conducting their own investigation, lawmakers want the companies to face criminal charges for their actions, saying it “is essential for protecting the rule of law and the privacy of taxpayers.”
In a letter that was shared exclusively with The Verge, the lawmakers ask the DOJ to take action.
Dear Deputy Attorney General Monaco,
We write to urge you to investigate and prosecute the criminal behavior of major tax preparation companies identified in our investigation and confirmed by the Treasury Inspector General for Tax Administration (TIGTA) and the Internal Revenue Service (IRS). Last month, TIGTA released an audit report confirming that four online tax preparation companies broke the law by sharing legally protected and sensitive taxpayer information with Big Tech firms without properly obtaining taxpayer consent. The IRS agreed with TIGTA’s assessment. Now that TIGTA and the IRS have confirmed that these disclosures violated taxpayer privacy law, we reiterate our calls for the Department of Justice (DOJ) to investigate those responsible for this shocking breach of taxpayer privacy and take appropriate action without further delay.
The lawmakers lay out the legal issues involved.
We warned that this data sharing was not only an egregious violation of taxpayer privacy, but appeared to be illegal, and we called upon TIGTA, DOJ, and other authorities to investigate. Criminal law governing sharing of tax data states that a tax return preparer may not disclose “any information furnished to him, or in connection with, the preparation of any such return” or use that information “for any purpose other than to prepare, or assist in preparing, any such return.” Although Treasury Regulation § 301.7216 specifies limited instances when a tax return preparer may disclose or use tax return information with a taxpayers consent, we found that the tax prep companies failed to meet the requirements for consent.
TIGTA’s September 17, 2024 audit report has now confirmed our findings of illegal behavior by tax prep companies. TIGTA conducted a detailed review of four tax software companies, including their consent statements, privacy agreements, and user agreements available from September 2023 to April 2024. TIGTA found that the tax prep companies’ taxpayer consent statements “did not comply with the requirements of Treasury Regulation on § 301.7216” because they “did not clearly identify the intended purpose of the disclosure or the specific recipient(s) of the tax return information.” TIGTA also noted that, “the IRS confirmed that these statements do not fully comply iwth the requirements of Treasury Regulation on § 301.7216-3.”
The lawmakers say the DOJ now has all it needs to prosecute the companies under applicable law.
The penalties for knowingly or recklessly disclosing or using tax return information include up to 1 year in prison, and penalties of up to $1000 per violation. DOJ has the sole authority to enforce the criminal statute on behalf of the millions of taxpayers harmed by this unauthorized disclosure of their sensitive personal and financial data. That is why, since July 2023, we have urged you to act. TIGTA itself notes that it “reports potential criminal violations directly to the Department of Justice when TIGTA deems that it is appropriate to do so, so it is quite possible that TIGTA has now referred its findings of criminal behavior in this matter to DOJ.
Accountability for these tax preparation companies — who disclosed millions of taxpayers’ tax return data, meaning they could potentially face billions of dollars in criminal liability —is essential for protecting the rule of law and the privacy of taxpayers. The IRS recently announced the expansion of its highly successful IRS Direct File program to 24 total states so over 30 million taxpayers can file for free, securely, and directly with the IRS, however, many Americans taxpayers still rely on private tax preparation companies. These companies must be held accountable for illegally sharing sensitive taxpayer information. We urge you to follow the facts and the conclusions of TIGTA and the IRS and to take appropriate action against any companies or individuals that have violated the law.
The entire debacle underscores the need for comprehensive privacy legislation that will protect the private and sensitive data that companies have access to, and limit how they can share it. In the meantime, if the DOJ follows up on the lawmakers’ recommendation, the four companies in question could end up paying a heavy price and serving as a stark warning to other companies.
from WebProNews https://ift.tt/q8xiob2
No comments:
Post a Comment