IRS: Reviewing Its Legal Obligations, Document Preservation, and Data Security

TAKEAWAYS:

• On multiple occasions, the Internal Revenue Service (IRS) failed to meet its legal obligations to properly preserve documents.
• According to the IRS Deputy Commissioner of Operations, the Agency issued a new policy in 2016 that prevents the destruction of any laptops or cellular devices of departing employees. This policy comes five years after Congress first raised concerns about targeting at the IRS.
• The IRS continues to use outdated IT legacy systems that are at risk for cyber-attacks and system failures. According to the IRS Inspector General, these systems will remain vulnerable to attacks unless steps are taken to improve security measures.
• A recent security breach at the IRS was revealed only after Committee investigators began asking questions about a separate incident at the Agency.

PURPOSE:

• To examine Internal Revenue Service (IRS) processes for preserving documents in accordance with legal obligations, including internal preservation orders.
• To review the agency’s information security and understand how the agency secures the sensitive information filed by millions of individuals and companies each year.

BACKGROUND:

• On January 15, 2016, the IRS disclosed that it accidentally erased a hard drive containing records and emails of a former senior IRS official.
  • The emails on the hard drive were subject to a litigation hold on materials relevant to a Freedom of Information Act lawsuit.
  • The destruction of documents subject to preservation orders and subpoenas has been an ongoing problem at the IRS.
• On February 3, 2016, the IRS announced a hardware failure which rendered its electronic tax filing systems unavailable.
• Last summer, the IRS suffered a data breach that exposed 330,000 tax returns to hackers who stole almost $50 million in refunds.
• In October 2015, Chairman Chaffetz introduced a resolutionto impeach Commissioner Koskinen. The resolution currently has 62 cosponsors.
  • Commissioner Koskinen’s failure to locate and preserve IRS records in accordance with a congressional subpoena and an internal preservation order was a key factor in introducing the resolution.

KEY VIDEOS:

Chairman Jason Chaffetz (R-UT): “The Federal Government has spent more than $525 billion on IT and it’s worthless. One of the questions I have here with an operating budget for the IT sector—roughly $2.4 billion a year—why is it that we have such poor systems?”

Subcommittee Chairman Jim Jordan (R-OH): “The people in his [Mr. Milholland’s] management team who were responsible for the directive not being carried out and for the back-up tapes being destroyed all got performance pay increases, is that accurate?”

Rep. Mark Walker (R-NC): “Are you running code from [the time of] John F. Kennedy? Because it seems 50 something years ago [and] we’re still running those kinds of systems and we’re still operating with that code.”