IRS Office by Alpha Photo is licensed under CC BY-NC 2.0

Yesterday, House Republicans on the Ways & Means Committee took a crucial step in ensuring those who illegally disclose private taxpayer information are held to account.  

House Ways & Means Chairman Jason Smith (R-MO.) introduced the Taxpayer Data Protection Act (H.R. 8292), legislation to strengthen penalties for disclosing private taxpayer information and clarify that each taxpayer impacted by disclosed tax information is considered a separate violation of the law. The bill currently has 24 original co-sponsors, all Republican members of House the Ways & Means Committee. To no surprise, not a single Democrat has cosponsored the legislation. 

Americans for Tax Reform strongly supports this legislation and urges all lawmakers to back it. 

Under current law, the improper disclosure of an individual’s private tax return information is considered a felony punishable by a fine in any amount not to exceed $5,000, or imprisonment of not more than 5 years, or both. 

If enacted, the Taxpayer Data Protection Act would increase the maximum fine to up to $250,000, and similarly increase the maximum prison sentence to not more than 10 years. It also clarifies that any law violation affecting more than one taxpayer should be treated as a separate, distinct violation. 

This bill comes as a response to the seemingly never-ending saga of incompetence at the IRS. Back in 2019, an IRS contractor illegally stole the taxpayer data of “tens of thousands” of individuals and leaked it to left-wing news outlets. Those organizations then published stories targeting numerous American taxpayers, utilizing private information that the IRS was supposedly keeping secure. 

Despite Republicans repeated calls for answers on the leak of sensitive information and the multiple hearings the committee held on the matter, the IRS kept taxpayers in the dark for years.  

Finally, in September of 2023, the Department of Justice released information that an internal IRS system was the source of the stolen, private taxpayer files. The thief — Charles Littlejohn — was an IRS contractor via Booz Allen who had “vast amounts of unmasked taxpayer data” on IRS systems. 

Despite stealing the private data of thousands of individuals and therefore committing multiple felonies, the thief was only charged with a single count and has been sentenced to a measly 5 years in prison, equivalent to only 5 hours and 20 minutes for each felony

The IRS has a long history of neglecting taxpayer privacy, and the light sentence given to Charles Littlejohn will do little to deter future bad actors. The Taxpayer Data Protection Act will help to deter any future violations and guarantees that no individual can flagrantly violate the privacy rights of American taxpayers without being held to the fullest extent of the law.