From: fergp@sytex.com (Paul Ferguson)
To: cypherpunks@toad.com
Message Hash: 78fdf6b95171fc3bb32a1dd9efa8ec756ac70eccc66141608a7815e53b079c46
Message ID: <9cau8B1w165w@sytex.com>
Reply To: N/A
UTC Datetime: 1993-08-06 04:18:40 UTC
Raw Date: Thu, 5 Aug 93 21:18:40 PDT
From: fergp@sytex.com (Paul Ferguson)
Date: Thu, 5 Aug 93 21:18:40 PDT
To: cypherpunks@toad.com
Subject: IRS flunkies browsing your tax records (Surprise!)
Message-ID: <9cau8B1w165w@sytex.com>
MIME-Version: 1.0
Content-Type: text/plain
excerpted from:
The Washington Post
5 August 1993
page A6
Accused of Failing to Protect Data, IRS Says It Will Buttress
Safeguards
by Stephen Barr
Washington Post Staff Writer
The Internal revenue Service, assailed by senators yesterday over
a breakdown in computer security that allowed IRS workers to
browse through tax records and monitor fraudulent tax refunds,
pledged to strengthen safeguards set up to ensure taxpayer
records are kept confidential.
"it's not easy. it's painful to admit mistakes you make,"
Internal revenue Commissioner Margaret Milner Richardson said
after listening to members of the Senate Governmental Affairs
Committee express outrage that IRS workers abused their public
trust.
Addressing committee Chairman John Glenn (D-Ohio), Richardson
said,"I feel very strongly about protecting the integrity of the
tax system, and I told you we will not tolerate anything that
will impinge on that integrity or the credibility of the American
people."
But Richardson rebuffed a suggestion by Sen. David Pryor (D-Ark.)
that the IRS notify the taxpayers whose files were improperly
reviewed. "I'm not sure there would be a serious value to that in
terms of tax administration or in the connection with what I see
as protecting the taxpayer's rights," she said.
Pryor said he would continue to press for taxpayer notification,
saying, "I'm going to really come down hard.... I think anyone
that we can identify whose files have been browsed for no
official reason, I think that taxpayer needs to know."
Richardson's testimony followed the release of a report this week
that showed almost 370 IRS employees in the agency's Southeast
Region have been investigated or disciplined for creating
fraudulent tax returns or browsing through tax returns of
friends, relatives, neighbors and celebrities.
In 154 cases, employees were disciplined. Deputy Commissioner
Michael P. Dolan said three employees were forced to resign,
three were fired, 38 received suspensions, 67 were given
reprimands, 24 were admonished, 17 underwent counseling and two
received "caution letters."
Sen. Byron L. Dorgan (D-N.D.), noting that few employees were
dismissed, questioned Richardson and Dolan on whether "we are
dealing appropriately enough" with violators. They said the IRS
would provide the committee with detailed information on how
disciplinary judgements were made.
Few details emerged at the hearing on how IRS regional employees
created bogus refunds. An IRS investigative report released by
the committee said that four employees are facing criminal
prosecution.
"In one case," the IRS report said, "an employee prepared over
200 fraudulent tax returns and monitored the refunds" on IRS
computers. The report suggested that the fake refunds cost the
government more than $300,000.
In another case, "the employee used her position to input
fraudulent adjustments and monitor the accounts of local
taxpayers. She also prepared fraudulent returns, including
returns for herself and her parents," the IRS report said.
Dolan noted that the violations ranged from the serious to the
benign, such as employees who were asked by neighbors for a
favor: determine the status of their income tax refund.
In answering questions, Richardson pointed out that IRS's
internal audit staff had uncovered the information with the
General Accounting Office. The IRS audit examined the Integrated
Data Retrieval System, a database of taxpayer accounts used by
56,000 IRS workers nationwide.
Richardson said the IRS is developing a "comprehensive review" of
computer security issues that will improve the agency's ability
to detect "inappropriate use."
The IRS also is reviewing its high-risk operations, such as
credit transfers amd taxpayer adjustments, in a renewed effort tp
avert employee misconduct. Dolan said a review of the agency's
most sensitive computer commands would be completed within the
next six weeks.
Richardson was a washington tax attorney before being selected
earlier this year by President Clinton to run the IRS. Dolan, a
career civil servant, was named deputy commissioner last year.
8<--------- End article -------------------
A old friend of mine sent me an e-mail this afternoon; it appears
we see eye-to-eye on this entire fiasco -- and the dangerous role
the government wants to play in the Information Age:
8<--------- forwarded message --------------
Subject: Clipper, escrows, and honesty. . .
To: "fergp" <sytex.com!fergp>
Saw your recent posting on SCI.CRYPT. I generally shun public postings
in such an arena. . . .
However, it occurred to me, with only a little bit of thought, that after
the recent articles in the Washington Post regarding the employee's of
the IRS browsing through friends, enemies, and famous folk's 1040's --
simply for kicks -- how would this be any different than an escrow key
arrangment.
Isn't it simply a given truth that if one man can view a personal secret
of another, that he will be tempted? And let's face it, history proves
that, more often than not, the "apple is bitten," ---- or at least
"nibbled." No matter how you work it, there will always be a small
group,
perhaps even one, that will have access to your key. Just like that
little
girl that sits behind the faceless terminal can pull up my 1040 and run
through the schedules to see what I won on and what I lost ---- and I'll
never know that it even happened. Of course, until someone who shouldn't
know does know, and perhaps at a cocktail party makes mention. . . . .
Small potatoes. . . . but not if you're encrypting..
8<---------- end forwarded mail -----------
Once again -- "Be afraid; be very afraid."
Paul Ferguson | "Government, even in its best state,
Network Integrator | is but a necessary evil; in its worst
Centreville, Virginia USA | state, an intolerable one."
fergp@sytex.com | - Thomas Paine, Common Sense
I love my country, but I fear its government.
Return to August 1993
Return to “fergp@sytex.com (Paul Ferguson)”
1993-08-06 (Thu, 5 Aug 93 21:18:40 PDT) - IRS flunkies browsing your tax records (Surprise!) - fergp@sytex.com (Paul Ferguson)