The important principle beneath Trump’s absurd IRS lawsuit 

In January, President Trump filed a lawsuit seeking $10 billion in damages from the federal government related to the 2019-20 leaks of his tax returns by an IRS contractor. 

As the leader of an organization promoting the integrity of the tax system, I believe the lawsuit is absurd. But there is one principle it raises that I believe is worth defending: All taxpayers — whether the president or a plumber — should expect the IRS to protect their legally protected tax information. Indeed, the law gives taxpayers strong legal recourse when that trust is violated, including monetary damages.

For a half-century, bipartisan majorities in Congress and the IRS have built stringent taxpayer privacy protections to give taxpayers confidence to share their sensitive information. These actions were motivated by President Richard Nixon’s abuses, after he famously sought to access taxpayer information and target his political enemies with tax audits. 

Following that episode, Congress enacted statutes with strong bipartisan support that strictly limited access to taxpayer information and imposing criminal penalties for unauthorized disclosures. Everyone in the U.S. is given this expectation of taxpayer confidentiality. Indeed, in the past, the IRS even promised individuals without lawful immigration status that there was a firewall protecting their tax information from immigration enforcement. 

That promise reflected a broader rationale for taxpayer privacy: Taxpayers can be comfortable sharing highly sensitive information needed to administer the tax laws only if they know it will remain confidential and be used for only lawful purposes.

IRS contractor Charles Littlejohn took advantage of substandard and outdated IRS security safeguards when he leaked thousands of tax returns, including Trump’s, to news organizations in 2019 and 2020. His actions were egregious, clearly unlawful and an insult to the IRS employees who hold taxpayer privacy as sacrosanct. He is being punished with a five-year prison sentence, the maximum sentence for his conviction.

Some observers wrongly celebrated Littlejohn’s actions as serving the public interest, downplaying the violation of law and the public trust.

Perhaps presidential candidates should have heightened transparency obligations. Or perhaps the U.S.’s stringent privacy protections go too far, and the public deserves to see returns to understand how the wealthy exploit weaknesses in the tax system. But those are policy arguments — any actual changes to the privacy laws must come from Congress.

And there, of course, is the rub. Even as Trump invokes taxpayer privacy on his own behalf, his administration is eroding it.

In May, Treasury Secretary Scott Bessent entered into a large-scale tax data sharing agreement with the Department of Homeland Security for immigration enforcement, reversing the IRS’s longstanding commitment not to do so. He overruled IRS lawyers who advised that the data-sharing would be unlawful. The agreement could undermine voluntary tax compliance by discouraging people from filing, potentially costing more than $300 billion over a decade, according to estimates from the Yale Budget Lab. 

After an initial tranche of taxpayer data was shared, a federal judge blocked data sharing because it violated taxpayer’s privacy laws. Another one did so in early February. And now, the IRS has reportedly discovered that it shared even more taxpayer data with Homeland Security, mistakenly and unlawfully.

Elsewhere, Trump and Bessent may have violated the law by publicly disclosing Harvard University’s audit status, and by targeting Harvard’s tax-exempt status for political reasons. And political appointees have reportedly sought extraordinarily broad access to protected taxpayer information and unprecedented tax data across agencies for purposes well beyond tax administration — with serious risk that these efforts result in legal violations. 

Trump’s actions are also hollowing out the IRS. In less than a year, the Trump administration downsized IRS staffing by one-quarter, potentially leading to more reliance on contractors like Littlejohn. The Government Accountability Office found before and after Littlejohn’s leaks that the IRS has more trouble securing tax data when it is accessed by contractors. 

Among the departures were 30 percent of the IRS privacy office’s employees, including the chief privacy officer who had warned the data-sharing with Homeland Security was unlawful. The chief information officer and dozens of senior IT executives resigned or were fired. That’s an unnerving combination for taxpayers who want their information to stay confidential.

The latest government funding deal pulls back nearly $12 billion that had been intended to modernize the IRS’s IT systems. The Littlejohn leaks occurred following a decade of deep IRS funding cuts, and the IRS itself stated that a lack of resources contributed to its own failure to implement recommended data privacy safeguards.

A 2022 surge of one-time funding enabled the IRS to take steps bolstering key data security systems. But now Trump and lawmakers are cutting back those resources, making it more difficult to implement the reforms needed to robustly protect taxpayer privacy.

As a consequence, taxpayers have good reason to fear their sensitive information is now at risk from the actions of the same president who is invoking a prior breach in a lawsuit to try to enrich himself or dispose of as he wishes. I worry deeply about the consequences for the integrity of the tax system, the rule of law and the nation’s fiscal outlook.

Chye-Ching Huang is executive director of the Tax Law Center at NYU Law.