TIGTA cites online tax prep info sharing issues for filers & IRS
Monday, September 23, 2024
Do you look at your overflowing email box (OK, maybe that’s just me) and wonder why in the heck am I getting all this unsolicited crap?
It’s probably because you checked, or didn’t check, a box when you went to some website. You either directly or implicitly consented to let that site pass along your email to “partners” who are now inundating you with unwanted email.
That’s a tax issue, too, according to the Treasury Inspector General for Tax Administration (TIGTA).
In a just released report, TIGTA says The Information Collected by Online Providers and Shared With Third Parties Is Not Clearly Disclosed to Taxpayers and Is Unknown to the IRS. And, yes, that’s the report’s official name.
Vague info gathering: “Our review of four tax software companies found that the providers requested taxpayer consent for the disclosure and use of tax return information, used the required format, and met requirements for electronic signatures,” the report notes.
“However, the consent statements did not clearly identify the intended purpose of the disclosure and specific recipient(s) of the tax return information,” it continues.
That’s because, according to the report, the Internal Revenue Service guidance for obtaining taxpayer consent to use or disclose taxpayer information does not specifically address the use of third-party code, known as pixels, used to track information on a website.
“Additionally, the IRS does not have awareness of the full scope of information that an online provider routinely collects, beyond what is filed with the IRS, or shared with third parties,” according to TIGTA.
Stricter standards for other tax providers: The IRS partners with tax professionals and other taxpayer services that filers use to meet their tax obligations.
Before it accepts these entities as partners, the IRS conducts suitability checks. This includes background and tax compliance checks, to ensure that reputable individuals are participating in the Authorized e-file Provider (that is, online providers), Acceptance Agent, and Enrolled Agent Programs.
The reason for the checks is obvious. Letting unsuitable individuals into these programs would increase the risk to taxpayers.
Similarly, when it comes to tax software companies, which millions of filers use, those providers may not use or disclose tax return information except as specifically permitted or where the taxpayer provides consent.
But the nature of the software services poses different IRS control issues.
Online tax services processes: When a taxpayer uses an online provider’s website to complete a tax return, all information that is collected during the process, including the information necessary to complete the filing, occurs at the online provider’s website. The online provider then transmits the tax return to the IRS.
However, notes the TIGTA report, the online provider is not required to provide any details regarding the information that is collected beyond what is included with the tax return, the extent to which any data are shared with third parties, and whether taxpayers provide consent or non-consent to share their data with third parties.
IRS officials acknowledged that the agency does not have a process in place to ensure that online providers’ taxpayer consent statements are compliant with the requirements in current IRS guidance.
“Additionally, the IRS does not have awareness of the full scope of information that an online provider routinely collects, beyond what is filed with the IRS, or shared with third parties,” added the report.
Limited online consent information: The TIGTA review also found that the online tax services’ consent statements often did not clearly identify the intended purpose of the disclosure and the specific recipient(s) of the tax return information.
The report cites the following example —
You authorize Company A to disclose to Company B all your tax return information (excluding Social Security Numbers) …so that after you file, Company B can provide products and services tailored to or that may interest you….
TIGTA’s review further found that even when a consent statement is more forthcoming — for example, “Company B may use service providers and business partners to accomplish these tasks.” — it does not specify the names of the providers and partners used by Company B.
While the specific names of the providers and partners are provided, TIGTA found that three of the four tax software companies identified specific companies in their privacy or user agreements, but did not include that information in their consent statements.
“Instead, the third parties were referenced in generalities, e.g., nonaffiliated third parties, marketing arrangements, and service providers,” said TIGTA.
Hence, lots and lots of potential spammy electronic correspondence aimed at the tax software users after they filed their returns.
IRS left out of the loop, too: TIGTA also noted that the IRS isn’t fully informed in many cases about the full scope of tax information that is disclosed to third parties through an online provider website. Disclosures with taxpayer consent, for example, is unknown to the tax agency.
That’s not the case with other tax providers.
Upon acceptance into the Authorized e-file Provider Program, the IRS informs tax return preparers and other providers of their obligations to safeguard taxpayer data. This guidance is included as part of Letter 5880C, E-file Application Program Acceptance, which includes references to various IRS publications.
The authorized e-file providers then are responsible to ensure that they meet the requirements of protecting taxpayer data and comply with the program requirements, including taxpayer consent statements.
When it comes to the online tax services, however, there’s no comparable consent statement and IRS notification requirement.
TIGTA recommendations: TIGTA provided three recommendations to improve the clarity of taxpayer online consent statements and what is shared with the IRS.
First, TIGTA suggested IRS update a revenue procedure to include language that consent statements must identify the purpose of disclosure and specific recipient(s), and the IRS agreed. The tax agency said it will discuss with Treasury, as part of the process of developing IRS’ Priority Guidance Plan, updating this guidance.
However, the IRS noted that it ensure that the item will be selected for the plan or that the Department of the Treasury will approve the project.
As for pixel sharing, the IRS agreed with the need for clear, reliable, and timely communications of data-sharing practices and will, in collaboration with the tax software companies, identify the most appropriate communication mechanism.
TIGTA’s third recommendation is that the IRS identify and implement potential solutions that ensure authorized e-file providers comply with the regulatory requirements of taxpayer consent statements. This could include, for example, sample reviews of tax software companies’ taxpayer consent statements or creating a data element to track if taxpayers are consenting to sharing their information with third parties.
IRS management agreed, and said it will explore and identify potential solutions, including those examples provided in the recommendation.
Meanwhile, whether it’s filing your annual tax return or shopping for, well, anything, online, make sure you pay attention to what info the website wants from you and how it plans to use it.
You also might find these items of interest:
- IRS updates guide to help tax pros create a written information security plan
- FTC takes actions against Intuit/TurboTax and H&R Block tax software programs
- Tax software companies sent customers' filing data to Facebook, says new investigation
Advertisements
🌟 Explore Prime for Young Adults 🌟
The text link above is an affiliate ad. If you click through and then buy a product, I receive a commission.
Comments