IRS does an about-face on facial recognition plans

IRS logo under magnifying glass Postmodern Studio/Shutterstock
By Matt Milano/

The IRS is abandoning plans to require facial recognition to authenticate online access following criticism from politicians, privacy advocates, and tech experts, forcing the agency to look at other options to beef up security. The agency ignited a firestorm when it announced it was partnering with ID.me to use its facial recognition tech; the plan was to require it for anyone logging into their IRS account online, beginning in mid-2022.

Evidently, the IRS failed to learn from the TSA's foray into facial recognition, and the resistance that agency faced rolling out the tech. Giving the government access to their biometric data is simply a bridge too far for many users.

The plan also faced scrutiny as a result of the Treasury Department's decision to use a private company to handle the facial recognition. In fact, as Krebs on Security points out, the company's privacy policy specifically says it will not use accounts set up for government verification for promotional or marketing purposes. The fact that ID.me has to make that assurance is indicative of the challenges involved in a government agency relying on a private company for something as sensitive as biometric data.

The IRS changes course

Facial recognition technology metamorworks/Shutterstock

In light of the growing objections and challenges to the Treasury Department's plans, the IRS announced it is abandoning its facial recognition endeavor. At the same time, the agency said it will continue to pursue other means of authentication to bolster security.

The agency's commissioner Charles P. Rettig said in a statement (via The New York Times):

The I.R.S. takes taxpayer privacy and security seriously, and we understand the concerns that have been raised. Everyone should feel comfortable with how their personal information is secured, and we are quickly pursuing short-term options that do not involve facial recognition.

The announcement was welcomed by critics, including within the political sphere. Senator Ron Wyden, a long-time privacy advocate, tweeted his support of the news, also noting that theĀ "transition may take time."

Senator Wyden's IRS tweet Sen. Wyden/Twitter

There's no word yet on what alternative authentication systems the IRS will choose. Whatever the method, hopefully Senator Wyden is correct in asserting such a mechanism need not require sacrificing privacy for security.

Recommended