Suspicion that an accounting firm shared customer's personal information with Meta and Google, and the possibility of fines of hundreds of billions of yen
After a seven-month investigation led by members of Congress, several accounting firms were reported to have provided taxpayers' personal information to Google and Meta. Names and addresses, as well as dependent data and savings account usage, were suspected of being shared.
Attacks on Tax Privacy_Final.pdf
(PDF file)
Tax preparers that shared private data with Meta, Google could be fined billions | Ars Technica
https://arstechnica.com/tech-policy/2023/07/meta-wont-say-what-happened-to-taxpayer-data-it-may-have-illegally-collected/
Democrats call on DOJ to investigate tax sites for sharing financial information with Meta - The Verge
https://www.theverge.com/2023/7/12/23791496/meta-google-tax-filing-warren-sanders-pixel
According to lawmakers, H&R Block, TaxAct and TaxSlayer have embedded Google and Meta tracking codes in their services, allowing them to access customers' names, addresses, dates of birth, tax filing status and account usage. It is said that information such as was missing. The three companies may be in violation of the law because the U.S. prohibits accounting firms from sharing tax filing information without the consent of their clients, and lawmakers have asked lawmakers to pursue further investigations and prosecute them. requested the authorities.
Agents who disclose filing information without authorization are subject to fines of up to $1,000 and imprisonment of up to one year for each violation, according to the report. Because the tax return data of millions of taxpayers is shared, it is said that criminal liability of billions of dollars (hundreds of billions of yen) could potentially be imposed.
The point that accounting firms share information was first made in November 2022 by technology media
The three companies contacted by The Markup responded by deleting or disabling the tracking code, but it is believed that multiple pieces of information were shared by then. Lawmakers point out that ``information obtained from tracking codes was used for advertising targeting,'' but Google and Meta have argued against this.
Google states, 'Strict policies and technology prohibit the collection of personally identifiable data. Site owners, not Google, control what information is collected and We must inform our users of how it will be used, and we have a strict policy against sensitive advertising.'
Meta said, ``Advertisers must not use our business tools to send people sensitive information.・ We are educating advertisers to properly configure the tool.Our system is designed to filter potentially sensitive data that is detected. He maintained his stance that it was just a mistake by the (accounting firm), and pointed out that all the data obtained was anonymized, so it did not constitute a leak of personal information.
However, the lawmakers said, 'The 'hashing' performed by the two companies is questionable as an 'anonymization' technology and can be easily manipulated to identify individuals or create personal information that can be used for targeted advertising.' I argue.
Regarding the accounting firm that embedded the tracking code, the lawmakers said, ``They introduced it without fully understanding what kind of information would be sent and without consulting experts. In some cases, they were unaware that such codes were being used, and it appears that accounting firms were unaware of how the codes affected taxpayer privacy.' While checking Google and Meta, which claim that companies that did not follow the policy are responsible, he still said that the accounting firm had the main responsibility.
“This case raises questions about the tax filing industry’s ability to handle taxpayer data responsibly and how seriously this industry takes customer privacy,” lawmakers said. rice field.
Related Posts:
in Posted by log1p_kr