OPINION:
Americans guard their privacy jealously, as they should, and defend their property with their lives, sometimes foolishly. The Internal Revenue Service (IRS) has infringed both privacy and property with a lengthy list of taxpayer abuses. Few instances, though, are more damaging than the loss of the personal information of more than 100,000 taxpayers to the depredations of hackers. The government has fundamentally violated its covenant with the governed, and the revenuers answer for it with more excuses.
The IRS disclosed the security breach last week, explaining that hackers, believed to be based in other nations, including Russia, broke into the agency’s website between February and mid-May, plundering the records of 104,000 taxpayers. The information could be used to generate fraudulent tax returns on which to apply for tax refunds. The financial tangles that must be undone could drive a saint to sin.
Few mistake IRS Commissioner John Koskinen for a saint, with his unapologetic defense of the abuses and shortcomings of the federal bureaucracy’s most despised agency. He told the Senate Finance Committee this week that hackers had filed 13,000 bogus tax returns, costing the U.S. Treasury about $39 million in fraudulent tax refunds.
The recent security failure should surprise no one. In March, the Government Accountability Office pointed out scores of deficiencies in the IRS computer network that hackers could exploit. Barring remedies, “financial and taxpayer data will remain unnecessarily vulnerable to inappropriate and undetected use, modification or disclosure,” the GAO said.
J. Russell George, the Treasury inspector general for tax administration, confirmed to the Senate committee that IRS cybersecurity failures are making it easy for hackers to steal. “It would have been much more difficult if they had implemented all of the recommendations we made,” he said.
One glaring flaw is the agency’s use of the Microsoft XP software, in its time a remarkably efficient program, but it’s 13 years old. Microsoft no longer issues “security patches” for the program, and there’s no money for an upgrade. The agency’s budget has been trimmed by $1 billion since 2010.
Doing more with less is standard procedure for Americans everywhere in economically difficult times — everywhere but for government. Is the IRS deliberately botching its mission to make its case that budget cuts have rendered the agency inoperable? Or is it a matter of blithe disregard for the misuse of other people’s money? When sending a tax refund is as easy as making a computer keystroke, other people’s cash can look like Monopoly money. In 2014, the IRS paid out $6.5 billion in false refunds, and that was prior to the latest cyber-heist. This year’s losses could climb higher.
Federal employees are no more or less models of financial responsibility. In March, the House Oversight and Government Reform Committee reported that nearly 114,000 federal workers owe the government more than $1.1 billion in back taxes. One former IRS employee in Kansas City pleaded guilty this week to using stolen identification to collect $326,000 in fraudulent tax refunds.
IRS failures might be examples of a government leviathan that is unwieldy and gets in its own way. That might be too charitable. Given the scandals that have embroiled the tax agency — scheming to deny nonprofit status to Tea Party groups, illegal leaking of tax returns of conservative organizations and deliberate scaling back of assistance to taxpayers during the recent tax season, it’s evident that the IRS has broken trust with the American people. A tough, painful overhaul — as merciless as an audit of a tax return — is long overdue.
Please read our comment policy before commenting.