Elon Musk’s Department of Government Efficiency is seeking access to the Internal Revenue Service’s highly sensitive taxpayer data system, a source familiar with the move tells CNN.
The IRS, which contains private data on millions of Americans’ tax returns, Social Security numbers and banking information, is the latest agency to be targeted by DOGE as it seeks to significantly reduce the size of the federal workforce and root out what it characterizes as waste, fraud and abuse within the government.
Gavin Kliger, a software engineer working under DOGE, is expected to be granted access to the system “imminently,” the source said. He will be based at the IRS for at least 120 days but had not yet been given approval as of 9 p.m. ET Sunday.
“Waste, fraud, and abuse have been deeply entrenched in our broken system for far too long. It takes direct access to the system to identify and fix it,” White House deputy press secretary Harrison Fields told CNN in a statement. “DOGE will continue to shine a light on the fraud they uncover as the American people deserve to know what their government has been spending their hard earned tax dollars on.”
Kliger will serve as a senior adviser to the acting IRS commissioner, though it’s still unclear exactly what the nature of his work at the agency will look like. Kliger has the proper security clearance and is expected to sign an agreement requiring that he maintains confidentiality with tax return information and destroys such materials upon leaving the IRS, the source added.
The agreement is part of a broader memorandum of understanding currently being considered by the IRS that would give DOGE officials widespread access to the agency’s system, including the Integrated Data Retrieval System, or IDRS, which enables IRS employees to access specific taxpayer accounts and their bank information.
The IDRS contains some of the most sensitive financial information on American taxpayers. According to the IRS, the system is designed to prevent taxpayers’ information from getting into the wrong hands — and from unauthorized IRS employees from making changes to taxpayers’ data. Authorized employees can access taxpayers’ sensitive data only to accomplish a specific and official task.
“The taxpayer must be protected from unauthorized disclosure of information concerning his/her account and unauthorized changes to it,” the IRS says in its employee manual. “The IDRS user employee must be protected from other personnel using his/her identification to access or make changes to an account.”
Included in the data that the IDRS allows authorized employees to access is Social Security numbers, bank account information, addresses, tax returns and other personally identifying data. It also includes private information about taxpayers. For example, the IDRS includes information about taxpayers’ pending adoptions, so parents can claim dependency exemptions and child care credits.
The protocols are quite strict, preventing IRS employees from accessing their own files or files belonging to spouses, friends, relatives, coworkers or anyone with whom they have personal relationships or business dealings. The IRS also prohibits snooping employees from accessing tax account information to satisfy personal curiosities.
The punishment for improper use of the IDRS includes termination, fine or a prison sentence of up to a year.
