A new report from the Government Accountability Office, a nonpartisan government agency tasked with auditing, evaluating, and investigating government affairs for Congress, faults the Internal Revenue Service for failing to properly secure taxpayer data, leaving taxpayers’ private information at the mercy of hackers, both domestic and foreign. The report, delivered to IRS chief John Koskinen on March 28, says the IRS has failed to make recommended improvements to its financial and information-technology procedures.
Unfortunately for taxpayers, the IRS has little motivation to protect the sensitive data it collects, because the agency views government, not taxpayers, as its consumer.
According to the report, the IRS “has not always effectively implemented access and other controls, including elements of its information security program, to protect the confidentiality, integrity, and availability of its financial systems and information.” Also: “These weaknesses — including both previously reported and newly identified — increase the risk that taxpayer and other sensitive information could be disclosed or modified without authorization.”
Other violations of good IT security practices cited in the report include failures to encrypt taxpayers’ vital information, weak passwords on servers containing taxpayer data, and easy-to-evade physical security. For example, the report says non-employees could plausibly sneak by security guards in some IRS data centers and gain access to secure systems.
GAO auditors can issue reports until they’ve run out of printer paper and toner ink, but until lawmakers get tough with the IRS, the taxman will have no incentive to shape up. Living things consume resources, grow, react to stimuli, and reproduce. Government agencies such as the IRS consume taxpayer money, hire more staff, make new rules and regulations, and spin off new divisions and departments on a regular basis.
From the politically motivated “enhanced auditing” of conservative organizations committed by Lois Lerner and her employees to repeated data breaches, the government agency U.S. citizens are forced to deal with every year on April 15 has treated Americans with contempt. Why? Precisely because Americans are forced to “do business” with the IRS, there is little reason for the IRS to provide better customer service, protect private data, or apply tax laws in a neutral, nonpartisan way.
As Bruce Yandle, dean emeritus of Clemson University’s College of Business and Behavioral Science, wrote for the Foundation for Economic Education, the solution to poor service from public servants is to reduce the power government has over citizens, so there are fewer opportunities for corruption and inefficiency.
“We must take action to reduce occurrences that corrupt the political process,” Yandle wrote. “But how? First, by limiting the domain of government action. Then, when the domain is limited, by requiring transparency and regular agency reports that demonstrate choice neutrality, by encouraging competition from the loyal opposition, and by showing constant vigilance.”
Also like living things, the IRS has an instinct for self-preservation, and lawmakers must harness that desire to align the agency’s actions with the best interests of taxpayers. By reducing the IRS’ size and power, as well as the power of the federal government in general, abuse and corruption become less attractive, and agencies are forced to concentrate on their core competencies.
Just as a trainer disciplines a disobedient animal, Americans need to demand their government start working for them again, instead of the current status quo of Americans constantly working to feed the government leviathan.