The Internal Revenue Service is rethinking its decision to force taxpayers to use a private identity verification company in order to access their online accounts. The 180 came after blowback from Congress and consumer and privacy advocates.
The reassessment doesn't mean the IRS is giving up on ways to strengthen its online security.
Rather, according to a Treasury statement reported by Bloomberg, the IRS is looking at ways to "balance ease of taxpayer access" with increased protections against criminals who use stolen taxpayer identities to file for fraudulent tax refunds.
The increased security raised public concerns after government contractor ID.me's use of facial recognition recently received renewed attention, including in my blog post, IRS online taxpayer account access soon will require selfies, more personal info."
Identity verification method questioned: Taxpayers already were using ID.me, most notably to gain access to the IRS Child Tax Portal so they could make changes to the advance payments distributed last year.
The major objection to the ID.me process was aimed at the company's facial identity verification requirement. In order to create an ID.me account, which then is or will be used to sign on to IRS and other government online options, applications must take a selfie and submit it to the company.
Opponents of facial ID were quick to point out existing recognition problems.
Civil rights advocates say facial recognition is less accurate for people with darker-skin tones than for those with lighter skin.
Face-match technology also has led to wrongful arrests in numerous cases, according to the American Civil Liberties Union (ACLU).
Concerns from Congress: Capitol Hill also joined the debate.
"I'm very disturbed that Americans may have to submit to a facial recognition system, wait on hold for hours, or both, to access personal data on the IRS website. While e-filing returns remain unaffected, I’m pushing the IRS for greater transparency on this plan," said Sen. Ron Wyden, the Oregon Democrat who chairs the Senate Finance Committee.
A similar message was issued from the House side.
"This is a very, very bad idea by the IRS. It will further weaken Americans' privacy. And facial recognition is less accurate for darker skin individuals. The IRS needs to reverse this Big Brother tactic, NOW," said Rep. Ted Lieu (D-California).
I suspect that legislation limiting private companies' involvement in governmental personal matters like federal taxpayer accounts is being drafted as I type.
I know, too, that the ID.me situation will be used by those seeking an increase to the IRS budget so that it can take care of more matters in-house.
Outside contractors common: That financial component was raised by a Treasury Department spokesperson who defended the use of outside contractors to provide security upgrades, if not the particular facial recognition method that's under fire.
The IRS does not have sufficient funding to modernize its computer systems, a Treasury representative told Bloomberg, forcing the agency to rely on external entities to secure taxpayer accounts against unauthorized access.
As for the external entity in question, ID.me issued its own statement, emphasizing that the company does not sell users' personal information, and that it meets the National Institute of Standards and Technology (NIST) guidelines.
Petition to dump ID.me: Such assurances, however, have not stopped opponents. A group of digital rights groups are seeking support for an online "Dump ID.me" petition.
They are urging the IRS, "for the future of privacy and our collective safety," to "immediately cancel all plans to subject taxpayers to facial recognition or any biometric surveillance tools."
You also might find these items of interest:
- Digital IRS is costing those who can least afford it
- Ways to keep your business from becoming a tax cybercrime target
- COVID pandemic provides new paths for con artists to steal tax (and other) money, identities