IRS rightly slams misuse of information
- By Bureaucratus
- Apr 05, 1998
In one of those rare instances in which I applaud an action taken by the Internal Revenue Service, the agency fired an employee for misusing its Integrated Data Retrieval System (IDRS) to seek tax-related information on friends and relatives. The Merit Systems Protection Board (MSPB) and the U.S. Court of Appeals for the Federal Circuit recently upheld the dismissal (John M. Thomas v. Department of the Treasury, 97-3252, Aug. 8, 1997).
John Thomas, a former IRS employee, was fired for using the IDRS for other than official business and engaging in unauthorized access of a taxpayer's account.
Thomas appealed the charge of wrongful use of the IDRS and argued that the penalty imposed on him was too harsh. In my opinion, it was too lenient. I think that Thomas not only should have lost his job but that he also should have been fined or jailed to boot— maybe both. IRS tax records are confidential. No one is supposed to see them except agency employees on official business.
Thomas admitted that he used the IDRS for other than official business, but he tried to find a flaw in the formal charges filed against him by the IRS.
For example, the agency charged that Thomas used a specific IDRS command code to research a taxpayer's account, which he later admitted belonged to his wife's parents. He took this action despite the fact that the first rule guiding IDRS security clearly states that users may not attempt to access, research or change their own accounts or those of a spouse, colleague, friend or relative.
Thomas argued that he did not "research" anyone's "account" by using the command code, which he said provides only Social Security numbers. He said obtaining Social Security numbers is not analogous to "researching an account" within the meaning of the IDRS security rules.
Thomas did not dispute that he attempted to access others' accounts by first accessing their Social Security numbers. Instead, he got cute and argued that the formal charges made by the IRS alleged actual research when he was merely guilty of attempted research.
In an apparent attempt to turn the wording of the agency's charges against the agency, Thomas argued that the IRS failed to meet the burden of showing that he had performed "actual research."
The Court Fires Back
The court could see no merit in Thomas' defense. The court noted that each formal charge against Thomas was for a violation of the first IDRS security rule, which prohibits any attempt to access taxpayer account information, including accessing Social Security numbers, for other than official business.
Clearly, he was trying to wiggle out on a technicality, but the court would have none of it. The judges agreed with a previous decision by the MSPB and concluded that the IRS' charges, although implicitly alleging attempted access of taxpayers' files, did not conflict with the charge of using the IDRS for other than official business.
As for Thomas' firing, the court did not think it was too harsh a penalty, especially because the integrity of the entire IRS was called into question. Thomas not only violated IRS rules, he besmirched the already-tarnished image of the agency and did not help the reputation of federal employees in general. The IRS already suffers from a public relations problem, and an employee who pries into other people's records only adds fuel to the fire. No sympathy for Thomas here.
-- Bureaucratus is a retired federal employee who contributes regularly to Federal Computer Week.