Arguably one of the most concerning provisions in the Democrats’budget reconciliation package is enabling the Internal Revenue Service (IRS) to look into American's bank accounts if they have deposits greater than $10,000, excluding salaries, each year. Not only does this provision represent a flagrant violation of privacy and a constitutional right to unreasonable search and seizures, but the provision could also leave Americans vulnerable to cybercrime and the threat of identity theft.
Under the proposal, banks would have to disclose to the IRS accounts "accounts that have total annual inflows or withdrawals of at least $10,000." The Treasury Department hopes that these new provisions will enable it to collect an additional $160 billion each year and $7 trillion in uncollected taxes over the next decade to fund social spending measures contained within the Build Back Better Act.
Proponents of the bill’s provisions, including Senator Elizabeth Warren (D-MA), have claimed the proposals would allow the IRS to "zero in on tax cheats when the wealthy do not honestly report their income." Critics of the bill, most notably Senate Minority Leader Mitch McConnell (R-KY), have claimed the bill's provisions amount to "new snooping powers" that will treat "normal American households like everybody is under audit."
However, not widely discussed are the cyber vulnerabilities the provisions would create and how it could lead to the loss of sensitive financial information. For example, alongside the total deposits, banks would also be required to provide the IRS bank account numbers and potentially other sensitive information such as Social Security Numbers (SSNs) and debit card numbers.
While the IRS already obtains some of this information from annual tax returns, mandating banks furnish it to the agency creates the opportunity for cybercriminals to obtain the information through advanced hacking tactics.
The transmission of this information occurs when cybercrime and data breaches are becoming increasingly common. In 2020, the Federal Bureau of Investigations (FBI) reported a total of 2,211,396 instances of cybercrime, with losses amounting to $13.3 billion. Additionally, estimates suggest that in 2020, there were over 1,000 data breaches in the United States, with 155 million records exposed to hackers. To put that number in context, half of America's population had at least one record exposed in 2020 and over two breaches each day.
The records obtained by hackers range from social media passwords to SSNs and other sensitive financial information.
While most of these cyber-attacks and data breaches targeted private entities, cybercriminals have also routinely targeted the federal government. For example, in 2020, the U.S. federal government was the victim of a massive data breach, with the Department of Agriculture, Commerce, Defense, Treasury, and Homeland Security all being targeted by a Russian-linked group.
While the IRS was not a victim of the 2020 federal government hack, cybercriminals have targeted the agency in the past. In 2015, hackers were able to successfully breach the IRS'Get Transcriptsystem to obtain the personal information of 104,000 taxpayers, information that criminals could use to apply for credit cards and loans without the victim knowing.
Both the 2020 federal government and 2015 IRS data breaches show that even on government servers, consumer data is not out of reach from cybercriminals and those who want to exploit the failure of the federal government to secure sensitive information appropriately. These instances further underscore the myriad of dangers of allowing the federal government unrestricted access to sensitive financial data.
Perhaps the flagrant invasion of privacy should be reason enough to oppose provisions outlined in the Democrat's reconciliation bill to fund a social spending bill. What lawmakers have failed to consider, however, is how allowing the IRS to snoop on taxpayers' bank accounts could leave them vulnerable to cybercrime and data breaches.
Taxpayers and consumers deserve better
.Edward Longe is a Policy Manager at the American Consumer Institute, a nonprofit educational and research organization. For more information about the Institute, visit www.TheAmericanConsumer.org or follow us on Twitter @ConsumerPal
Join the conversation as a VIP Member