IRS Abandoning Plan to Reduce Fraud Due to Congressional Whining
In the face of the IRS losing billions of your tax dollars every year, they instituted a plan last year to actually verify the identity of people who are logging on the the IRS’s digital websites. What a novel concept. Would you do business with a bank that would let anyone walk in, say that they were you and empty out your bank account? I didn’t think so.
But that, effectively, is what the IRS has been doing for decades.
But now, in the wake of a blog post by Brian Krebs (whom I generally like), Congress put a lot of pressure on the IRS to abandon the solution.
Since the IRS is a political animal and needs Congress to give it money to operate every year, in light of some Congress critters asking about what they were doing and why, and suggesting that they should not be improving security, the IRS, who is always challenged to communicate anything effectively, instead said, yes, sir, how high would you like me to jump sir.
The IRS is now saying that they are going to migrate away from ID.me – a private company that dozens of states are using, and instead will come up with some new magic in just a few months.
The complaint was that it was hard for the technically challenged to get an account and this is probably true.
But ID.me has hundreds of places that a human being can go and talk to another human being, without even needing to own a computer, and get an account.
There were also concerns about ID.me’s security, even though they have been operating for 10 years and have not had a breach. Can the IRS say the same thing? Uh, no, they seem to have a breach almost every year.
I am sure that the IRS will implement some hairbrained solution that will neither be secure nor provide good authentication in the next couple of months. Remember these are the folks that are still using computer programs written in the 1980s and are YEARS behind in their modernization efforts.
I am sure that whatever they come up with in the next couple of months will be wonderful. And secure. And protect people’s identities.
If they are concerned about ID.me’s security and privacy, what they should do is (a) pass some effective laws (wait that won’t happen) and (b) address the specific concerns and fix them (that’s not going to happen either because most Congress people need an aide to help them log into a Zoom meeting. Really).
Oh, well, it is just billions of your and my tax dollars at risk. Thanks Congress. Credit: Brian Krebs