IRS database of nonprofits is filled with unredacted SSNs

Remember when rogue archivist Carl Malamud asked the IRS for data on $1.5 trillion worth of data from nonprofit organizations? Well, it turns out that the IRS has totally failed to redact it properly, and left in the Social Security Numbers for thousands of people. So they’ve asked the IRS to take the database down… READ THE REST

I can only hope that the good done from the data he receives is worth the millions that it will cost to give him that data.



It’s a charade so dumb that it makes me gnaw my eyes out: the same number cannot both be Super Secret and something that absolutely everybody asks for(because it’s Super Secret, and thus a foolproof security measure and unique key!).


SSNs are just a symptom of much broader problems that need to get fixed. But, the government is not allowed to post SSNs on their web sites, so it is one way of getting them to try and address that problem and at the same time address broader problems.

On the one hand, that’s thousands of SSN among millions of exempt orgs, so it’s needles among haystacks. But on the other, when I worked there we guarded PII on pain of termination (and possible prosecution.)

I agree with Fungus, except that if we quit pretending SSN are super secret, then who would be responsible when identity theft happens? Corporations? I think not!

I’m sure it’ll just be easier and cheaper for the IRS to arrest Carl for ‘leaking’ these data than for the agency to redact it…

This topic was automatically closed after 5 days. New replies are no longer allowed.