July 6, 2006 4:00 AM PDT

Senate tax proposal under scrutiny

(continued from previous page)

What's also unclear are the additional powers the IRS would receive to regulate computer programmers who write tax-related software.

Because the actual bill hasn't been written yet, details remain fuzzy. At the very least, though, federal law would probably be amended to treat such programmers as "tax return preparers," who face criminal penalties for disclosing or making use of confidential information.

Intuit, which sells the popular TurboTax software, says it doesn't have "a complete understanding of their proposal because it hasn't been fully fleshed out."

Nevertheless, company spokeswoman Julie Miller said, "Intuit has always placed the privacy and security of our customers' data as a top priority, and we would certainly welcome and comply with anything that even made privacy protection for taxpayers stronger and more clear."

Tom Ochsenschlager, vice president of taxation for the American Institute of Certified Public Accountants, said that programmers and technologists should be regulated. "I think it is important that they expand the definition of tax preparer to cover particularly these electronic situations, otherwise there would be kind of a loophole here that would permit taxpayer information to go all over the place," he said.

Revising privacy protection
A third section of the tax bill would weaken the privacy protections that currently guard Americans' tax returns.

Current law 26 USC 6103(i)(3)(B) permits the IRS to open its records to federal police in an emergency--but says law enforcement must abide by certain privacy safeguards. Those include maintaining a "permanent system" of records showing who perused the data; creating a "secure area" to view the information; restricting access to people whose duties "require" it; and returning or destroying tax return data when done. Congress must receive annual reports (click for PDF) with summaries.

Those privacy protections would be eliminated. In addition, state and local law enforcement would be granted emergency access to tax returns as well (and would not be subject to the current oversight rules either).

James Maule, a professor at Villanova University who teaches tax law and writes a blog on the topic, says the elimination of the privacy and security safeguards is worrisome. "Why would (keeping the safeguards) be a challenge?" Maule said. "What is the difficulty of the recipient keeping logs?"

Mark Luscombe, principal tax analyst at CCH, an Illinois-based provider of tax and related services, said the sprawling Senate bill was something of a surprise because it started as a one-page proposal to repeal the Spanish-American War tax on telecommunications. (A congressional tax committee and the IRS have proposed extending that tax to the Internet.)

"Suddenly it's a huge tax bill," said Luscombe, adding that the House of Representatives may not see eye-to-eye with the Senate committee on all of the sections.

"You never know how these negotiations will sort out, but it doesn't look to me like this piece of legislation has a very bright future, at least in its present form," Luscombe said.

Previous page
Page 1 | 2

See more CNET content tagged:
tax, phishing, legislation, summary, Sophos Plc.

14 comments

Join the conversation!
Add your comment
such email should be encrypted
Email on its way can be read by anyone on the way. It may also be stored on the way, and there is no gurantee that the eauipment used to temporarily store it would not eventually get to the wrong heads (e.g., a disk would be replaced, but old deleted data on it can still be read with proper equipment). Email routed between two points in one country can pass through another country.
Posted by hadaso (468 comments )
Reply Link Flag
such email should be encrypted
Email on its way can be read by anyone on the way. It may also be stored on the way, and there is no gurantee that the eauipment used to temporarily store it would not eventually get to the wrong heads (e.g., a disk would be replaced, but old deleted data on it can still be read with proper equipment). Email routed between two points in one country can pass through another country.
Posted by hadaso (468 comments )
Reply Link Flag
such email should be encrypted
Email on its way can be read by anyone on the way. It may also be stored on the way, and there is no gurantee that the eauipment used to temporarily store it would not eventually get to the wrong heads (e.g., a disk would be replaced, but old deleted data on it can still be read with proper equipment). Email routed between two points in one country can pass through another country.
Posted by hadaso (468 comments )
Reply Link Flag
such email should be encrypted
Email on its way can be read by anyone on the way. It may also be stored on the way, and there is no gurantee that the eauipment used to temporarily store it would not eventually get to the wrong heads (e.g., a disk would be replaced, but old deleted data on it can still be read with proper equipment). Email routed between two points in one country can pass through another country.
Posted by hadaso (468 comments )
Reply Link Flag
Make tax processes better by removing security?
For whom, exactly, does removing security make the tax process easier and more secure for? Let's look again incase you missed it:

"One section lets the IRS use the Internet to let Americans know that they're owed tax refunds. Another directs the IRS to regulate any programmer who "develops software that is used to prepare or file a tax return"; a third lets the IRS open confidential tax records to the FBI and other police without maintaining logs of who saw what information."

One of these things is not like the other
One of these thigns just doesn't belong

Did you spot it? Use the mighty WAN refered to as the interweb for communications; novel, but it just might work. Regulate production of software relating to taxes; I kinda thought that might be done already. REMOVE security put inplace to protect the (inocent until proven guilty) public's information collected through tax processes; What? How does this benifit the tax payer? How (in a world where data machines are the new cool toy) exactly is it just too gosh-golly much work to require a supena (spelling?), maintain a sign-in log and afterward destory printed copy? Perhaps this would be too much to ask if the NSA was going to audit every citizen. After all, that means recording evidence that the No Such Agency exists and operates with the understanding that everyone is guilty until proven inocent.

But we know how this plays out in the end; it's for the good of the nation. No, how about to support the war on child abuse. Wait, sorry, now it's to support the war on terrorism.

But still the nagging questions:
Why does the FBI need unfetted access to tax payers information?
Why is it too much to ask that their reasons be reviewed by a judge?
Why is it too much to ask that a log be kept of who looked at information on whom?

As for the IRS plan to use the internet; I'm surprised they hadn't caught on to this whole "interweb" thing earlier. Sure anyone who's been online for more than a minute is going to be suspicious of any email refering to money and rightly so. Encrypted email would be nice and soon enough will become the norm but currently the number of people who bother to or understand encrypting of email is pretty small. Email obviously would have to be done in such a way as not too include personal information (banks seem to do it well enough) and too be backed up with mailed documents. The webserver idea should be easier to implement since any server going online today has the same security threats as a publicly accessed IRS server would; hire a good admin and research the best apps and config practices.
Posted by jabbotts (492 comments )
Reply Link Flag
Make tax processes better by removing security?
For whom, exactly, does removing security make the tax process easier and more secure for? Let's look again incase you missed it:

"One section lets the IRS use the Internet to let Americans know that they're owed tax refunds. Another directs the IRS to regulate any programmer who "develops software that is used to prepare or file a tax return"; a third lets the IRS open confidential tax records to the FBI and other police without maintaining logs of who saw what information."

One of these things is not like the other
One of these thigns just doesn't belong

Did you spot it? Use the mighty WAN refered to as the interweb for communications; novel, but it just might work. Regulate production of software relating to taxes; I kinda thought that might be done already. REMOVE security put inplace to protect the (inocent until proven guilty) public's information collected through tax processes; What? How does this benifit the tax payer? How (in a world where data machines are the new cool toy) exactly is it just too gosh-golly much work to require a supena (spelling?), maintain a sign-in log and afterward destory printed copy? Perhaps this would be too much to ask if the NSA was going to audit every citizen. After all, that means recording evidence that the No Such Agency exists and operates with the understanding that everyone is guilty until proven inocent.

But we know how this plays out in the end; it's for the good of the nation. No, how about to support the war on child abuse. Wait, sorry, now it's to support the war on terrorism.

But still the nagging questions:
Why does the FBI need unfetted access to tax payers information?
Why is it too much to ask that their reasons be reviewed by a judge?
Why is it too much to ask that a log be kept of who looked at information on whom?

As for the IRS plan to use the internet; I'm surprised they hadn't caught on to this whole "interweb" thing earlier. Sure anyone who's been online for more than a minute is going to be suspicious of any email refering to money and rightly so. Encrypted email would be nice and soon enough will become the norm but currently the number of people who bother to or understand encrypting of email is pretty small. Email obviously would have to be done in such a way as not too include personal information (banks seem to do it well enough) and too be backed up with mailed documents. The webserver idea should be easier to implement since any server going online today has the same security threats as a publicly accessed IRS server would; hire a good admin and research the best apps and config practices.
Posted by jabbotts (492 comments )
Reply Link Flag
Government "Security"?
We are talking about the same government that could not keep 26 million names, addresses and social security numbers of veterans out of the hands of common theives, right?

Let me send all the employees of the federal government a message: You are a bureaucrat. NOthing you do is so important that, if not done my 5:00 PM, cannot wait until the morrow. Neither you, nor your work, are important enough to potentially jeopardize even one citizen's personal information.

Understand?
Posted by Too Old For IT (351 comments )
Reply Link Flag
Government "Security"?
We are talking about the same government that could not keep 26 million names, addresses and social security numbers of veterans out of the hands of common theives, right?

Let me send all the employees of the federal government a message: You are a bureaucrat. NOthing you do is so important that, if not done my 5:00 PM, cannot wait until the morrow. Neither you, nor your work, are important enough to potentially jeopardize even one citizen's personal information.

Understand?
Posted by Too Old For IT (351 comments )
Reply Link Flag
A great victory for crooks.
Wow. This would be a computer villians dream come true. They could just impersonate the IRS to send all kinds of spam with viruses, data stealing programs etc... Encryption? No problem. The bad guys can just encypt viruses etc... with their encrypted bogus email. I can't think of anything more "terrifying" than a government that doesnt' have its citizenry's best interest in mind and all the tools to work against that interest.
Posted by MrHandle (71 comments )
Reply Link Flag
A great victory for crooks.
Wow. This would be a computer villians dream come true. They could just impersonate the IRS to send all kinds of spam with viruses, data stealing programs etc... Encryption? No problem. The bad guys can just encypt viruses etc... with their encrypted bogus email. I can't think of anything more "terrifying" than a government that doesnt' have its citizenry's best interest in mind and all the tools to work against that interest.
Posted by MrHandle (71 comments )
Reply Link Flag
An accident waiting for a place to happen!
Dumb people make the same mistakes over and over.

Smart people learn from their own mistakes.

Intelligent people learn from other's mistakes.

That said... the IRS is definately DUMB!!!

Nuff said. (* GRIN *)

FWIW
Posted by wbenton (522 comments )
Reply Link Flag
An accident waiting for a place to happen!
Dumb people make the same mistakes over and over.

Smart people learn from their own mistakes.

Intelligent people learn from other's mistakes.

That said... the IRS is definately DUMB!!!

Nuff said. (* GRIN *)

FWIW
Posted by wbenton (522 comments )
Reply Link Flag
Privacy concerns?
This is the same government who is wiretapping their citezens, is
pushing to watch Internet habits and reading personal emails?

Why would would privacy even be a concern at this pint.
Posted by richtestani (23 comments )
Reply Link Flag
Privacy concerns?
This is the same government who is wiretapping their citezens, is
pushing to watch Internet habits and reading personal emails?

Why would would privacy even be a concern at this pint.
Posted by richtestani (23 comments )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.