Circuit Split on Data Breach Litigation

On March 25th, 2019, the Supreme Court denied review of a case involving individuals whose personal information held in a database was breached by hackers. Specifically, the issue was whether the parties requesting review had Article III “standing” to sue due to the database breach.

Standing is the authority of a court to hear a case. For the court to exercise such authority, the court will only hear cases based on events that cause actual injuries or create real threats of imminent harm to individuals who brought the case. The D.C. Circuit Court in its ruling of June 21st, 2019 deepened the split among contradicting circuit rulings. The D.C. Circuit Court ruled the petitioning party had standing to bring the case due to the breach of 21.5 million social security numbers, birth dates, and residency details of former, current, and prospective employees. The court held that, the plaintiff’s fear of facing a substantial risk of future identity theft met the burden to establish standing.

While the Sixth, Seventh, and Ninth circuits have similarly concluded that a heightened risk of identity theft is sufficient for individuals to possess standing to sue; the Second, Third, Fourth, and Eighth Circuits have ruled in the opposite direction. Distinct facts from this  latest data breach case include the nature of the defendant being a federal government agency and the alleged identity of the hacker being a foreign government entity where the breach was executed for purposes other than identity theft. Nonetheless, the D.C. Circuit Court found the federal government agency liable as well as Office of Personnel Management’s (OPMs) third-party vendor, despite the contract between the two parties. The Supreme Court may need to review and rule on this crucial issue in the near future given the current split of authority.

© 2019 Vandenack Weaver LLC

For more information, Contact Us

 

 

Tax Related Identity Theft Awareness

The holiday season is underway and while this is a time for family events and holiday parties, this is also the time that many identity theft scams occur. The Internal Revenue Service (IRS) started the process of alerting taxpayers about potential tax-related identity theft and to provide advice on how to prevent threats to your identity.

For prevention, the initial steps include ensuring use of security software on devices, use of secure wireless networks, and never providing sensitive data when replying to emails, texts, or pop-up ads. For individuals that are hit with tax-related identity theft, it may not become apparent until attempting to file taxes or receiving a notice from the IRS and finding out that a tax return has been filed on your behalf. When this occurs, file a complaint with the Federal Trade Commission (FTC) at https://www.identitytheft.gov/, file a report with the credit agencies, and contact the IRS. Importantly, regardless of the situation, ensure that your taxes are filed and paid, even if it requires filing in paper form.

Taking steps now to add layers of security for your social security number and other sensitive data can help prevent tax-identity theft in the future. If you have questions, please contact the attorneys at Vandenack Weaver LLC.

© 2016 Vandenack Weaver LLC
For more information, Contact Us

 

 

Initial Steps for Victims of Tax Related Identity Theft

As the 2016 tax season comes to a close, many taxpayers may have discovered they were victims of identity theft. Taxpayers often discover that they have been a victim of identity theft after they receive information that a tax return has already been filed using their social security number. If you are e-filing and a return has already been filed, your filing will likely be rejected. If the IRS suspects identity theft, you will receive Letter 5071C, which will request you verify your identity. Such verification can be completed online at https://idverify.irs.gov/IE/e-authenticate/welcome.do.

 After discovering that you have been a victim of identity theft, you should take multiple actions to protect your identity and correct any fraudulent returns with the IRS. It is recommended that you contact the FTC at identitytheft.gov and contact one of the major credit bureaus to place a fraud alert on your credit. If you have received a notice from the IRS or your attempt to e-file a return was denied, you should immediately contact the IRS. If your e-filing has been denied and you believe it is related to identity theft, you must complete Form 14039, Identity Theft Affidavit. Form 14039, a paper copy of your return, and any required payment of tax should be mailed to the IRS.

 If issues persist related to any fraudulently filed tax returns, additional information can be obtained from the IRS’s website, https://www.irs.gov/, or by contacting Vandenack Williams LLC.

© 2016 Vandenack Williams LLC
For more information, Contact Us

New Efforts by the IRS to Detect Identity Theft

The IRS is continuing to make efforts to limit taxpayer victimization from tax scams or identity theft. This year the IRS worked with tax preparers and state governments to identify ways to prevent identity theft related to tax filings. In a recent news release, the IRS announced that following a Security Summit, the IRS and leaders in the tax preparation industry developed new methods for protecting taxpayers.

These methods include the development of 20 data components that will be submitted with a tax return transmission. The IRS will now review for improper or repetitive use of IP addresses and review computer device identification data. Additionally, the IRS identified that it will review the time it took to complete the tax return as a way to detect mechanized fraud. Finally, there will be metadata attached to the transmission that the IRS stated will be used to detect identity theft related fraud.

As part of the Security Summit, major tax preparer software companies, H&R Block, Intuit, TaxHawk, and TaxSlayer all indicated a commitment to protect taxpayer data for the upcoming tax season. For taxpayers using tax preparation software from these companies, they will likely see additional security questions and device recognition upon logging in. These features will be similar to those used in online banking.

For more information, see IRS, States, Industry Continue Progress to Protect Taxpayers from Identity Theft (Oct. 20, 2015), available at https://www.irs.gov/uac/Newsroom/IRS,-States,-Industry-Continue-Progress-to-Protect-Taxpayers-from-Identity-Theft.

© 2015 Houghton Vandenack Williams
For more information, Contact Us