The IRS is taking measures to protect the identities of employees because some of them have been contacted by taxpayers via personal telephone numbers and social media sites, the Treasury Inspector General for Tax Administration (TIGTA) reported.

The IRS Restructuring and Reform Act of 1998 (RRA 98) requires that contact information for IRS employees be included in manually generated correspondence. Such information consists of the employees' names, telephone numbers and unique identifying numbers, so that that taxpayers can contact the IRS employee who can best resolve their case. But the report found that taxpayers were using this information to find personal contact information for IRS employees, such as addresses, telephone numbers and social media accounts.

TIGTA initiated the review after a walkthrough at three tax processing centers revealed that some managers, whose full name and office telephone number appeared on manual correspondence, were being contacted on their personal telephone lines or through social media, rather than through normal business methods.

TIGTA’s survey of IRS managers who signed tax-processing correspondence found that 11 of 32 IRS managers, 34 percent, were contacted by taxpayers outside of normal business methods. None of the 11 managers reported that they or their families were threatened or intimidated because of these contacts, the report read.

In one instance, a taxpayer whom they had assisted recently left a letter at an employee’s personal residence to request assistance with personal taxes. The employee informed TIGTA’s Office of Investigations, which found that the taxpayer used a paid online database to find the employee’s home address. The letter did not contain any threats.

Yet in another instance, an IRS manager said that “there has been an issue recently of a colleague who has received threats due to their name being placed on correspondence letters to the taxpayers. This taxpayer searched the employee on social media and made threats against them and their family.”

Concerned about the possibilities of threats to employees by taxpayers, anti-government or anti-tax groups “with malevolent intent” who may use the internet or social media to track down and identify IRS employees, their families, their homes, and personal information, TIGTA recommended that the IRS protect the identity of its employees signing manually generated tax processing correspondence by removing their first names and replacing them with the employees' title, Mr., Ms., or a gender-neutral title. It also recommended that Commissioner Ken Corbin of the IRS’s Wage and Investment Division “ensure that all tax processing correspondence is revised to remove the signing IRS employee’s first name and replace it with the employee’s title.”

The report noted that "IRS management agreed with our recommendations. The IRS plans to revise IRS employee signatures on the correspondence letters by June 2023. In addition, the IRS plans to make program changes that will eliminate the use of employees’ first names from manually generated correspondence and will provide the appropriate title in its place by June 2023."

"The IRS takes the safety and security of its employees very seriously,"  Corbin wrote in response to the TIGTA review, Accounting Today reported. "However," he added, "it is noteworthy that during the course of this review, neither conversations with the audit team nor reaching out to the managers whose signatures appear on the Correspondex letters identified anyone who had requested the use of a pseudonym or reported threatening or harassing contacts to the Treasury Inspector General for Tax Administration, which is the protocol for such incidents."

Corbin also noted that the changes in technology that allow taxpayers to find personal contact information for IRS employees did not exist when the RRA 98 was passed.

"Where locating an individual outside the area covered by the local telephone directory was once a substantial undertaking, individuals can now be reached worldwide," he wrote. "We will take steps to limit the amount of personally identifiable information of our employees provided on manually generated correspondence while remaining compliant with the provisions of RRA '98."