The IRS has backtracked on plans to require that taxpayers submit selfie videos as verification to access tax accounts and services online. The tremendous backlash prompted the agency to abandon its controversial plans. Speaking out works!

Update

This week, the IRS backed off. In an announcement it stated:

The IRS announced it will transition away from using a third-party service for facial recognition to help authenticate people creating new online accounts. The transition will occur over the coming weeks in order to prevent larger disruptions to taxpayers during the filing season.

During the transition, the IRS will quickly develop and bring online an additional authentication process that does not involve facial recognition. The IRS will also continue to work with its cross-government partners to develop authentication methods that protect taxpayer data and ensure broad access to online tools.

This is good news.

Backstory

As I wrote last week, the IRS is combatting fraud by beefing up verification with facial-recognition technology: 

Late last year, the IRS announced that it would expand the number of services that would require a new type of digital verification. Instead of developing an in-house tool, the IRS outsourced verification to a private company, ID.me “to ensure that taxpayer information is only provided to the person who has a legal right to the data.”

Taxpayers are currently asked to create an ID.me account, but they can still access online services with previous IRS credentials. However, by this summer–no date announced–everyone will have to transition to ID.me sign-in.

To verify their identity with ID.me, taxpayers will have to provide a photo ID such as a driver’s license, state ID, or passport AND a selfie taken with a smartphone or computer webcam.

The backlash has been bipartisan, widespread, and vociferous.

Policymakers, experts, and laypeople pushed back for various reasons including privacy, security, and tech glitches and failures.

A group of Republicans sent a letter to the IRS Commissioner Chuck Rettig pointing out concerns: 

The decision millions of Americans are forced to make is to pay the toll of giving up their most personal information, biometric data, to an outside contractor or return to the era of a paper-driven bureaucracy where information moves slow, is inaccurate, and some would say is processed in ways incompatible with contemporary life.

A group of House Democrats pointed out that putting sensitive data into a biometric database makes this third-party’s treasure trove of data “a prime target for cyberattacks.”

Bottom line

Taxpayers who haven’t sent off their selfie videos can breathe a sigh of relief.

Older and vulnerable Americans, who are not technologically adept or who do not have access to the technology needed to comply with this requirement, can breathe a sigh of relief.

Citizens worried about a third party handling their extremely-sensitive personal information can also breathe a sigh of relief.

Data security should be of the utmost importance to the IRS, but it’s time to go back to the drawing board on how to do so.