Immigration and Customs Enforcement didn’t meet data safety standards before it signed an agreement to get IRS information on immigrants, a watchdog found.
The Treasury Inspector General for Tax Administration released its first comprehensive report Monday on the controversial data-sharing deal, which included the tax agency sharing information on about 47,000 individuals with ICE as part of the Trump administration’s immigration and deportation efforts.
TIGTA confirms the botched handling of taxpayer data that was revealed in court filings earlier this year and notes open safeguard issues at ICE at the time of the data transfer.
The IRS and the Department of Homeland Security in April 2025 agreed to share data of immigrants to help with criminal investigations. The deal resulted in a slew of top IRS leaders leaving and lawsuits from taxpayer rights and immigration groups. Multiple federal judges blocked the implementation of the agreement, saying it violated federal laws.
The IRS typically issues a report on how an agency receiving federal tax information is complying with data safeguard requirements and ICE wasn’t up to par. Details on the findings were redacted in the TIGTA report.
Several months after the agreement, ICE submitted a corrective action plan but gave no implementation date, TIGTA said.
“Without assurance that findings have been mitigated, there is a potential risk that ICE could fail to properly safeguard taxpayer data received from the IRS under the data-sharing agreement,” TIGTA said.
Democracy Forward, counsel in Center for Taxpayer Rights et al. v Internal Revenue Service,one of the cases against the IRS on this issue, submitted a Freedom of Information Act request for an unredacted copy of the TIGTA report.
“To the extent TIGTA continues to redact some information in the report, DFF requests that TIGTA identify the applicable FOIA exemptions and explain how they apply,” the request said.
The IRS also had its own missteps.
The agency in February improperly disclosed thousands of immigrants’ personal information. Its processes were “unable to identify and match records accurately and consistently,” TIGTA said.
The IRS could verify only about 47,000 individuals of the 1.2 million that ICE requested. But for less than 5% of those individuals, the IRS gave ICE additional address information.
Following the mistaken disclosure, House Ways and Means Committee members called on TIGTA to investigate.
Senate Finance Committee ranking member Ron Wyden (D-Ore.) on Monday asked for prosecution for those violating the law over the mishandling taxpayer data.
“It’s clear that ICE was mishandling this data from the earliest days of Trump’s second term, and the data sharing agreement between IRS and DHS was designed to paper over widespread violations of strict taxpayer privacy laws,” Wyden said.
TIGTA’s Office of Audit has an ongoing review on the IRS’s safeguards with data sharing.