As soon as summer 2022, taxpayers will be required to upload a “selfie” in order to access their tax records. The Internal Revenue Service is going to be utilizing a third-party company, ID.me, in what the agency says is a measure to protect taxpayers.
Taxpayers, however, are bristling at what they believe could be a major privacy issue.
If taxpayers wish to log into the IRS website and access their online accounts, access the Child Tax Credit Update Portal, get a transcript of prior tax years, or even look at online payments, he or she will need to create an account with ID.me.
The IRS states that current online accounts, which are presently protected only by a password, will no long work beginning this summer. When that takes place, users will need to create an account with the third party company.
The IRS’s Commissioner, Chuck Rettig, released a statement regarding the upcoming changes. According to Rettig: “The IRS has been working hard to make improvements in this area, and this new verification process is designed to make IRS online applications as secure as possible for people.”
Those who attempt to create an account with ID.me will have to submit a copy of their current government ID as well as a copy of a utility bill and the selfie. Those who have older computers without a web camera also see this as a hindrance to accessing important information from the IRS website.
The IRS states that ID.me is a “trusted technology provider;” however, many taxpayers are deeply concerned with privacy issues. ID.me has a privacy bill of rights available for viewing online, and the company claims that it does not “sell, lead or trade biometric data to any third parties or derive any profit from the sale, lease or trade of biometric data.” However, ID.me is permitted to share information with its partner companies “with users’ explicit permission.”
According to this bill of rights, ID.me “may retain your biometric data for several years, depending on the nature of the data and relevant legal or operational retention needs.”
Privacy advocates are highly critical of the move. The claim that this is an invasion of privacy, and they warn that the Internal Revenue Service is opening a door to potential data breaches. According to Jackie Singh of the Surveillance Technology Oversight Project, “the decision will only lead to further ruin for Americans when the data is inevitably breached.” If that does happen, it won’t be the first breach of the IRS. One spring, hackers were able to get past a screen on the “Get Transcript” portion of the IRS.gov website, and the sensitive information of at least 104,000 taxpayers was stolen.
The IRS has stated that individuals will not need ID.me in order to submit tax returns, but, if taxpayers need a transcript for years past or if they need to access most other online tools via IRS.gov, they will need to set up the account with ID.me. The IRS is already encouraging users to set up their ID.me account ahead of the summer changes.
When it comes to making payments via IRS.gov, the agency said that users do not need to make an ID.me account. Because tax payments can be made via one’s bank account or a credit card, one does not need to set up a facial recognition account in order to carry out this task.
ID.me is self-described as a technology provider. The company was created in 2010, and its initial purpose was to compare an ID with a video selfie. ID.me is the brain child of a veteran, Blake Hall. The company has become one of the premier identity verification technology businesses in the United States.
The IRS says that it will soon require other tools within the IRS.gov website to utilize facial recognition.
When one creates an account with ID.me – at least in order to access IRS.gov, they are required to give sensitive personal information, including one’s social security number, email address, and photo ID.
Jackie Singh, who took to Twitter to express privacy concerns, made a call out to “every tech-aware American” in order to push back against this type of identification.