IRS Leaks Taxpayers Social Security Numbers in Publicly Available Offers in Compromise

Posted on May 12, 2016

An Offer in Compromise allows a taxpayer to settle his or her tax debt with the IRS by paying less than what is due and owing. By law, after an Offer in Compromise is accepted, anybody is allowed to review the accepted Offers for a period of one year. The reason that accepted Offers in Compromise are available for public review is to ensure the Offer in Compromise program is being administered fairly by the IRS.

Before an accepted Offer in Compromise is available for public review, the IRS must first redact or delete taxpayer information including Social Security numbers. Unfortunately, the IRS is not properly redacting taxpayer information on all accepted Offers in Compromise.

According to an audit performed by the Treasury Inspector General for Tax Administration, seven instances of redaction errors were found in a sample of 300 accepted Offers in Compromise. Social Security numbers or Employer Identification Numbers were visible on the improperly redacted forms.

By extrapolating this figure over the 28,028 Offers in Compromise accepted between August 1, 2014, and July 31, 2015, this would equate to approximately 654 instances where confidential taxpayer information was essentially leaked to the general public.

The accepted Offers in Compromise in issue were available for public viewing at ten IRS facilities across the United States. Public viewing of accepted Offers in Compromise has now been suspended pending a full review by the IRS of taxpayer personal information and the full redaction of that information.

Disturbingly, the IRS Office of Privacy, Government Liaison and Disclosure determined that taxpayers whose information has been exposed do not need to be notified. According to the audit, some of the redactions were laughable, including a Social Security number written in pen immediately below a redacted Social Security number or Social Security numbers remaining visible after being drawn over by a few horizontal lines with a ballpoint pen.

According to the audit, the IRS “did not adequately protect sensitive taxpayer information even after it was brought to the attention of management during internal reviews.” Unfortunately, this represents another instance where the IRS has failed to protect sensitive taxpayer data.