WASHINGTON — A federal judge has delivered a stinging rebuke to the Internal Revenue Service, ruling the agency violated federal law approximately 42,695 times by unlawfully sharing confidential taxpayer data with immigration enforcement officials.
The decision, handed down Thursday by U.S. District Judge Colleen Kollar-Kotelly, marks a significant escalation in a legal battle over taxpayer privacy and inter-agency data sharing. The ruling confirms that the IRS bypassed strict statutory safeguards when it turned over tens of thousands of home addresses to the Department of Homeland Security (DHS) without proper verification.
Failure of Safeguards: The Statutory Breach
At the heart of the litigation is a specific provision of the Internal Revenue Code. Under federal law, the IRS is prohibited from releasing a taxpayer’s address to another agency unless that agency first provides the IRS with the specific name and last known address of the individual in question.
This “match-to-release” requirement is designed to ensure that the government cannot use the IRS database for “fishing expeditions,” limiting access only to individuals the requesting agency has already identified.
Judge Kollar-Kotelly found that in August alone, the IRS shared nearly 47,300 addresses with Immigration and Customs Enforcement (ICE). Of those, the court determined that the vast majority—over 42,000—were disclosed without the IRS confirming that ICE had provided a valid, pre-existing address.
“The IRS violated the [Internal Revenue Code] approximately 42,695 times by disclosing last known taxpayer addresses to ICE… without confirming that ICE’s request set forth the ‘address of the taxpayer,'” the judge’s opinion stated.
“Don’t Care 12345”: Evidence of Systemic Negligence
The court’s opinion highlighted a startling lack of oversight in the data-sharing process. According to a declaration from Dottie A. Romo, the IRS’s chief risk and control officer, many of the requests submitted by ICE were blatantly deficient.
Documentation revealed that ICE frequently submitted requests with addresses listed as:
- “Failed to Provide”
- “Unknown Address”
- “NA NA”
- “00000”
Judge Kollar-Kotelly used pointed language to describe this verification failure, noting that under the government’s lax standards, ICE could have submitted an address like “Don’t Care 12345” and still successfully received a taxpayer’s private home information from the IRS.
DHS Defense vs. Taxpayer Advocacy
The Department of Homeland Security has consistently defended the arrangement, framing it as a vital tool for national security and immigration enforcement. In previous statements, the DHS argued that cross-agency information sharing is “essential to identify who is in our country,” citing the need to track violent criminals, protect public safety, and maintain the integrity of voter rolls.
However, taxpayer advocates view the ruling as a landmark victory for privacy. Nina Olson, founder of the Center for Taxpayer Rights, noted that the scale of this violation is virtually unprecedented in the history of the IRS.
“This confirms what we’ve been saying all along: that the IRS has an unlawful policy that violates the Internal Revenue Code’s protections,” Olson said. “I don’t know of any opinion about the IRS like this. The kinds of mass requests that are coming in are unprecedented.”
What’s Next: The Appeals Process
The Treasury Department has declined to comment on the ruling. The case now moves to the U.S. Court of Appeals for the D.C. Circuit, where the government is attempting to overturn an earlier injunction that blocked the data-sharing program in November.
If the ruling stands, it could lead to significant policy overhauls regarding how federal agencies access sensitive IRS data, potentially requiring more rigorous digital “handshakes” and manual audits to ensure every request meets the letter of the law.
