The Taxonomy of IRS letters

Science has documented and named something like 900,000 different insect species. Interestingly, most authorities agree that the number of insect species that have not been named far exceeds the number that have been named. We can only estimate what this number might be: anywhere between 2 million and 30 million.

And this is where I draw a strange comparison between insects and IRS correspondence. It won’t seem all that strange if you have ever received IRS mail over an extended period of time. The comparison certainly isn’t that tenuous from the perspective of a tax attorney who sees an endless stream of every type of IRS correspondence show up in the office. Based on a recent TIGTA audit report, the IRS sent out over 141 million notices and 37 million letters during fiscal year 2014. That’s a lot of mail, but knowing how many people that they have to reach, these numbers seem reasonable. However, the variety of IRS letters and notices (like the variety of bug species) is apparently too large for the IRS to wrap its brain around. There are 2,749 types of letters and 195 types of notices currently in circulation.

TIGTA conducted this audit in order to follow up on a project that was initiated years ago wherein the IRS was supposed to remove social security numbers from forms, letters, and notices (due to identity theft concerns) except in cases where the SSN is absolutely necessary. The project was supposed to be completed in 2009, but the IRS put it off due to budget cuts and the need to focus efforts elsewhere. TIGTA found that the IRS has fixed only 2 percent of its letters and 48 percent of notices. Not only does the IRS not have a plan for completing this project and removing social security numbers, it does not even have a process or procedure for identifying correspondence with unnecessary SSNs. IRS management is apparently overwhelmed by the variety of correspondence; they are on record saying that compiling a list of all correspondence is more costly an endeavor than it appears. So what is the best way to describe the relationship between IRS correspondence and the world’s insect population? They’re everywhere and we don’t even know what most of them are.

Another IRS Mistake: Thousands of Social Security Numbers Exposed on Internet

This time the IRS leaked thousands of social security numbers on its 527 “non-profit political groups” website.  The security lapse was brought to light by Public.Resource.org.

It is unclear how many SSNs were exposed and whether or not the SSNs were displayed alongside any other identifying information.  I think this would be an important detail.  I’m not sure what exactly is needed to perpetrate an identity theft or a financial crime using a SSN, but it seems to me that more would be needed than simply the SSN.  I would think that a criminal would need at least the name that goes with it too.

Furthermore, it looks like this information probably did not fall into the hands of any criminals.  The data remained up on the site for less than 24 hours, and during that time (if I understand the geek speak) there were only 8 total clicks on the page in question and no actual privacy complaints.

Still, as with all the other recent IRS blunders, what bothers most taxpayers is the fact that the mistake was made, not the end result or the damage that was done.  Think of how many visitors irs.gov gets each day.  Popularity-wise we don’t like it, but traffic-wise, it is one of the most visited websites in the country.  It just so happened that the SSNs were exposed in a little obscure corner of a massive, content-rich IRS website.  It is easy to see how this was a close call and could have been a much more serious mistake.  When it comes to our personal identifying information and our financial information, we don’t like close calls.  A close call just means that there could easily be a “next time” and next time we might not be so lucky.

Truncated Tax ID Numbers

image via ssa.gov

Many people wait with some anxiety for their income tax refund check around this time of year.  If you get a big refund then you, in essence, have given the government an interest free loan all year.  Still, many taxpayers overpay throughout the year because they have grown accustomed to receiving a refund check, which they see as a form of tax relief.

So what if that check never came?  It happens sometimes, and all too often it is the result of identity theft.  The IRS has taken numerous steps to prevent identity theft, but it still pays out billions of dollars in erroneous refunds.  One of the newest proposals in the fight against identity theft is the Truncated Taxpayer Identification Number, or TTIN.

The TTIN is basically the last four digits of a Social Security Number (SSN) and looks something like this: xxx-xx-4777 or this ***-**-4777.  The IRS has issued proposed regulations that would allow certain information return filers to use a TTIN instead of a SSN on their tax documents.  The IRS has run a successful TTIN pilot program in the past and it is believed that this will help curb identity theft.  Even if the regulations are approved, a full 9-digit SSN will still be required for 1040 income tax returns.  The proposed regulation has to do with information returns such as forms 1099, 1098, and 5498.

SSN Randomization

Your social security number (SSN) is actually made up of three different numbers: the 3-digit area number, 2-digit group number, and 4-digit serial number. This is the way its been done since social security numbers first started being assigned back in 1936. But later this month the Social Security Administration (SSA) is going to begin assigning numbers randomly. This will make additional numbers available that are currently restricted due to the area number. Basically, it will take longer for the SSA to run out of numbers. Also, the randomization method of SSN assignment is supposed to better protect the integrity of the numbers. Bad guys won’t be able to figure out the first 3 digits based on state. Even after this change, the SSA will still not be using 000, 666, or 900-999.