The IRS’s Verification System for Sharing Taxpayer Data With ICE Would Have Accepted ‘Don’t Care 12345’ as a Valid Address

The IRS‑ICE data‑sharing arrangement hinged on the agency’s TIN Matching system, a tool originally designed to confirm Social Security numbers against tax records. Under federal law, the requesting agency must supply both name and a verifiable address before the IRS can release a taxpayer’s location. In practice, the system’s only address check was a simple regex for five‑digit zip codes, effectively treating any numeric string as sufficient. This loophole allowed ICE to submit placeholder or nonsensical addresses and still obtain the last known residence of millions of taxpayers, a procedural failure that the judge described as a "zip code proxy."

Beyond the technical flaw, the episode underscores a broader erosion of privacy protections when tax data is repurposed for immigration enforcement. Taxpayers expect confidentiality; the breach fuels distrust not only in the IRS but also in any agency that accesses fiscal records. Critics argue that such mass data transfers create a de‑facto surveillance network, potentially chilling lawful activity and amplifying the risk of misuse. The incident also raises policy questions about the adequacy of oversight mechanisms, especially when agencies can expand access to sensitive information without transparent accountability.

Legally, the ruling has set the stage for a high‑stakes appeal that could redefine the boundaries of inter‑agency data sharing. If the D.C. Circuit upholds the injunction, the government may be forced to redesign its verification protocols or curtail the program altogether. Lawmakers and privacy advocates are likely to push for stricter statutory safeguards, possibly mandating independent audits and real‑time address validation. The outcome will reverberate across federal data‑exchange initiatives, signaling whether security and privacy can coexist with aggressive immigration enforcement strategies.