US lawmakers push DoJ to prosecute tax prep firms for leaking taxpayer data to big tech
TaxSlayer, H&R Block, TaxAct, and Ramsey Solutions accused of sharing info with Meta and Google
A quartet of lawmakers have penned a letter to the Department of Justice asking it to prosecute tax preparation companies for sharing customer data, including tax return information, with Meta and Google.
In a letter made public on Tuesday, senators Elizabeth Warren (D-MA), Ron Wyden (D-OR), and Richard Blumenthal (D-CT), along with representative Katie Porter (D-CA), urged US deputy attorney-general Lisa Monaco to hold tax service providers accountable for criminal activity they identified last year, and which has since been confirmed by the Treasury Department's own investigation.
"Now that TIGTA [the Treasury Inspector General for Tax Administration] and the IRS have confirmed that these disclosures violated taxpayer privacy law, we reiterate our calls for the DoJ to investigate those responsible for this shocking breach of taxpayer privacy and take appropriate action without further delay," the lawmakers wrote.
The lawmakers claim personal information, income and tax refund amounts, filing status, exemptions, and info on deductions was shared with Google and Meta.
The TIGTA report published last month doesn't name any names, but its findings generally echo a 2023 report the letter's authors had a hand in writing – which alleged TaxSlayer, H&R Block, TaxAct and Ramsey Solutions shared taxpayer information and financial details with Google and Meta.
Warren has been a regular opponent of tax preppers for their use of "junk fees." TurboTax, one of the most egregious abusers of excess charges, has already paid millions to the US government to settle claims it ripped users off, but we note its exclusion from this set of allegations.
It's not clear whether TIGTA investigated the same entities as those named in the 2023 Senate report. According to TIGTA's findings, it shared concerns about the four examined in that document and "considered these concerns when developing the scope of our review" – suggesting the same businesses might be under the microscope in both cases.
According to both the 2023 and TIGTA reports, the technology that leaks customer info is the tracking pixel. Those tiny, invisible images log everything website visitors do, and share the data with whoever is responsible for creating the tracking snippet – like Google, Meta, or even TikTok.
- Online tracking is alive and well in link decoration
- Google 'wiretapped' tax websites with visitor traffic trackers, lawsuit claims
- Tracking cookies found in more than half of G20 government websites
- Thought you'd opted out of online tracking? Think again
Gathering and sharing that data, as personal and private as it may be, isn't explicitly illegal when service providers properly disclose what data is being collected, why they collect it, and who it's going to be shared with. Unfortunately for the tax time helpers examined by TIGTA, they don't appear to have made those disclosures.
"Our review of four tax software companies found that the providers requested taxpayer consent for the disclosure and use of tax return information, used the required format, and met requirements for electronic signatures," TIGTA said in its report. "However, the consent statements did not clearly identify the intended purpose of the disclosure and specific recipient(s) of the tax return information."
TIGTA noted in its report the improper disclosures contravene Treasury Department regulations on disclosure of tax return information, which the letter writers noted carries a penalty of $1,000 and up to a year in prison per violation.
"Accountability for these tax preparation companies – who disclosed millions of taxpayers' tax return data, meaning they could potentially face billions of dollars in criminal liability – is essential for protecting the rule of law and the privacy of taxpayers," the lawmakers argued. "DoJ has the sole authority to enforce the criminal statute on behalf of the millions of taxpayers harmed by this unauthorized disclosure."
The Department of Justice acknowledged receipt of the letter in an email to The Register, but declined to comment beyond that – making it unclear whether any legal action will arise from the lawmakers' request. ®