there is a cost associated with doing that and whether or not the i.r.s. is in a position right now resource-wise to do so i would defer to the commissioner. but before sir, if i may -- one thing i do want to qualify here and that is -- clarify, i should say. we are still at the outset of this investigation but they have reports that this data breach originated solely from russia. .

people. we are running into the pilot to see what the cost would be. without a relatively modest take up on that. we are encouraging taxpayers to take advantage of it. senator isakson: have you found it to be a foolproof system yet? commissioner koskinen: we are doing a test to see what the burden on the timps is and cost to the i.r.s. is. it is foolproof to the extent you don't lose it. what happens with social security numbers is they are out in the world. they are used for children's identification. schools. they are used for everybody's medicare card. a social security number. the i.p. pin has no other use. our experience thus far is we can authenticate to make sure

the taxpayer who gets the i.p. pin is the legitimate taxpayer. if they keep it secure, there is no way anybody gets access to that number. their returns, therefore are safe. senator isakson: it would seem to me if the trial you are doing in georgia and florida works, it does seem to be foolproof, you would give every american taxpayer the ability to apply for one of those. you wouldn't want to make them take one for fear of some sinister government plot somewhere. you would certainly give them the opportunity to get one. commissioner koskinen: what we are looking at is with the pin if people lose it we have a lot of people, if we get, for instance 50 million people with i.p. pins and half lose them, we'll have a tremendous amount of background noise to make sure we get them the right pins and replacement pins. how does it work when you have people who otherwise haven't been victims and sign up? it is ultimately a way to go -- when we get down to the bottom of it, our analysis over four, five years is authentication will turn out to be the key.

whether it's authenticating you to get an i.p. pin. we need, that's what we are working on we need to gather among all of us have a way of sharing information about who is actually the customer. are you who you say you are? when you call us you know you are you, you wonder why we have to authenticate you to make sure somebody isn't impersonating you. it's a multifaceted approach we are having trying to -- a lot of different things as the chairman said how do we get ahead of the game. ultimately we'll never put them out of business, the goal is to make it so difficult and expensive it's not worth their while. senator isakson: mr. george i want to ask you a question, it would probably be unfair to ask mr. koskinen the question. the part of the best way to protect the taxpayer identification limit fraud is to change the way in which we do our taxation.

there is a gamentian who wrote a book called "the fair tax" going to a retail sales tax eliminating the inheritance tax payroll tax, and income tax. if you paid at the retail purchase a tax to splument those taxes, would it not be a protection against identity theft? mr. george: i cannot give you a definitive answer on that one, senator. suffice it to say the more information, the earlier the i.r.s. gets it, and the easier way of doing taxes would assist the system overall. the taxpayers and what have you. but the various proposals such as ones you mentioned, i'm not certain whether they would have a direct impact on identity theft. senator isakson: what i am saying is if i paid my tax to the federal government on a retail purchase and collected by the retailer who does that for the states anyway, it would eliminate any of this self-identifying information. tax would end up being collected. which would be a protection

against some of the identity theft. mr. koskinen. commissioner koskinen: if we didn't deal with taxpayers individually, we wouldn't have individual information. the issue globally would still exist as with your credit card, and that is our criminals -- are criminals accessing enough personal information to access your bank accounts, credit cards, mortgage accounts. from the standpoint of the i.r.s. if we were dealing with a system where we collected funds the government collected funds for the value-added tax or fair tax or something that did not require individuals to register with us, almost by definition we wouldn't have a risk of individual identity theft because we wouldn't have individuals identified. senator isakson: my time's up but i'd like to thank mr. koskinen for giving me the tour. i appreciate what you are trying to do. senator hatch: senator scott. aol oot irony of that visit which our employees appreciated the senator and i spent and hour on a briefing on identity theft.

senator scott: thank you for being here this morning. commissioner, can you fell me how many south carolinians have been affected or the information stolen by the breach? commissioner koskinen: i cannot tell you that. as i said earlier we have sent letters to the 104,000 who were not accessed, so anybody in south carolina should get a letter. we can go back through and get you that information. senator scott: that would be great. thank you very much. whenever i go throughout south carolina my constituents are incredibly concerned about the i.r.s. they really feel like your agency is the agency that truly has the power of intimidation. so when we hear about breaches, is 04,000 folks violated by this -- 104,000 folks violated by this preach, my citizens are incredibly excited, passionate, and concerned about the activities at the i.r.s. it doesn't simply start and end

with the breach. it started when we had the conversation last time about grouping targeted because of their religious beliefs or political doctrine. it flows into the lois lerner emails and the ability to figure out if you have or do not have the emails. it continues on down the road as a call during tax season they are unable to get someone to answer the phones so they have these courtesy hangups. it is consistent, as i talk to my constituents, that their concerns continue to grow and this breach will own add more fire to people who are absolutely petrified by the i.r.s. and now having their information exposed to criminal elements, criminal cartels, is even more disconsequence serting -- disconcerting. i would love to hear what you are doing in order to secure the

i.t. at the i.r.s. mr. george i have a question for you about the 19 recommendations that were made and only eight were implemented. commissioner koskinen: what we are doing is for years now security has been a high priority for us. we understand clearly with identity theft, which is based on information stolen elsewhere and then used to file a false return, that that's a difficult and traumatic situation for taxpayers. one of our highest priorities is making sure if that happens to a taxpayer they get prompt response from it. as i noted we worked closely with the inspector general and we value their recommendations and some case west ask them to look at ourcies tomes to make sure they aren't breached. we get pinged not necessarily attacked over a billion times a year. we are aware. no one at the i.r.s. is under any illusions that we are not at risk. so we spend as much time and effort and resources as we can focused on that.

any time we make a change in a system, any time we make a change in a new application, we look at the security aspects of it. as the inspector general said, we are balancing off trying to provide better taxpayer service. as you noted with the resource constraints, we did not answer the phones at anything the rate we would like to v we had 23 million transcripts successfully downloaded last year. otherwise taxpayers would have had to make either on the phone or in person. to the extent that we can provide better service to taxpayers, that's a high priority for us. ultimately, i take your point we take very seriously, taxpayers have to feel they are going to get treated fairly, no matter who they are what organization they belong to, who they voted for. we have done everything we can. we implemented all of the inspector general recommendations on those regards. i think it is important for taxpayers to know we take their concerns seriously. they are ultimately our customers. we work for taxpayers. we don't work for anybody else. senator scott: i will say from a

resourcing standpoint it appears during the obama administration about $5 billion has been dedicated to the i.r.s. for i.t. under the bush administration the number was somewhere around $5.3 billion. in the last decade or so over $10 billion for i.t. it just doesn't seem like the type of security that we would anticipate and expect. i'm running out of time, mr. george. of the 19 recommendations that were made previously for corrective action, it appears that only eight of those 19 were implemented and perhaps some were closed before they were fully implemented. can you shed light on that? mr. george: in the amount of time we have left. i would ask for permission to submit my response in writing. we have made a number of recommendations, a total of 44 recommendations since march of this year. as of march of this year. 18 of those have been security

audits that have yet to be -- recommendations for security audits that have net to be implemented. 10 of those recommendations come from five security audits that were completed during fiscal years 2008 to 2012. so they are very, very dated. and there are a couple of examples of some of the oldest recommendations that we made that we think might have had some bearing on the i.r.s.'s ability. senator scott: can you name one? mr. george: the i.r.s. should require a system administrators and their managers to correct user account deficiencies identified during the audit. managers need to periodically review and validate access to systems. limiting it to people who only have a need to that information. senator scott: those do not sound like resource issues. they sound like management issue. gorge i agree. senator scott: one factoid that i just think is important to

point out. the 1 $$-- 104,000 figure is used a lot. we have to keep in mind those are the transcripts that were accessed. a lot more people could have -- could be affected by that because spouses and dependents of the taxpayer their information is contained within those reports. at this stage i again cannot give you a definitive number. i don't believe the commission is in a position to do so, either. it's more than 104,000 people. thank you for the time. senator hatch: senator casey. senator casey: thanks for this hearing. commissioner, mr. inspector general, thank you for your appearance here and service, we appreciate it. i wanted to start with the issue through the lens of pennsylvania, we have had a number of reports and i have heard directly from law enforcement in pennsylvania about identity theft.

not just the broad based or the significant challenge it presents generally, but specifically because it often involves the response often involves many different agencies. for example in addition to the i.r.s., the department of justice, social security administration and state and local law enforcement. i'd ask you first, commissioner, about that what we refer to as interagency and intrastate -- interstate coordination. tell me about that in terms of what you have been able to do since you have been commissioner. commissioner koskinen: all of this, as i said, exploded in 2010 to 2012, it overwhelmed law enforcement, it overwhelmed everybody. since then we have established very successful partnerships, actually, with state and local law enforcement across the country, particularly in states like georgia and florida where all of this seemed to have

started. so they together with our working relationship with the department of justice and u.s. attorneys, we have a very active criminal investigation division, but we don't prosecute people. we don't bring charges. we have to work again in partnership with u.s. attorneys across the country. that's been a very successful and effective partnership. as i have said we have thrown almost 2,000 people in jail over the last few years who have been condicted and -- convicted and sentenced to long sentences as a result of those partnerships. senator casey: one of the realities for a state like ours, and i'm sure it's true in other states, as well as local prosecutors meaning district attorneys, for example, at the county level are among the law enforcement officials that have to confront the problems. commissioner, i'd ask for your commitment to work with our folks, both local officials and state officials as well as taxpayers on a coordinated

approach to solve the problem. commissioner koskinen: we are delighted to do that. we have no illusion we can do this by ourselves. we need as much help as we can. and we have a grate working partnership with the investigative arm of the inspector general as well. senator casey: thank you. i want to turn to the question of resources. i know that often we in the congress will point to a problem and that's part of our job. in terms of oversight and in terms of making sure taxpayers have their concerns responded to. as we point fingers, we also ought to be constructive in terms of providing support. sometimes it happens, sometimes it doesn't. but i noted in your testimony commissioner on page 5, and i guess i'm asking a question and answering it by reading this, but on the question of resources you say, quote, congress can help by improving the president's f.y. 2016 budget request which includes $101

million specifically devoted to identity theft and refund fraud plus 188 million for critical information technology infrastructure. $101 million plus $188 million. can you tell us what those dollars would be used for? commissioner koskinen: what they would do is on the one hand in terms of identity theft they would improve our ability to more quickly upgrade our process. we have been building that. we could go faster. it would allow us to respond more specifically to individual taxpayers and their concerns. most importantly, it would allow us to upgrade our basic i.t. infrastructure. as i noted earlier we are running antiquated systems, some of which are no longer supported by the software companies. i would stress this particular problem was not on the question of resources. my concern about it is it's really a shout across the bow. the overall ongoing challenge of dealing with sophisticated

criminals around the world, is the security of the entire system. that's where the weaknesses in our antiquated system come to bear. whatever resources we have to continue to improve the overall system will be helpful. senator casey: i hope if there is any additional either by way of authority or resources you need when it comes to dealing with the international dimensions to this, which i'm sure are challenging, i hope you indicate that to us. mr. inspector general, i'll get a question to you maybe for the record if that's all right because we are out of time. we are grateful for your work thanks very much. senator hatch: senator heller you're next. senator heller: mr. chairman, thank you. thanks for holding this hearing. also thank our witnesses for being here also. commissioner, i want to thank you for the call we had yesterday. it was very, very helpful. hopefully we can move forward on some ideas. i'll even bring them up for that matter. as you probably anticipated.

won't be my questioning but i think they are issues important to my home state. i have heard from many of my constituents. there are strong concerns over the proposed i.r.s. changes to the filing of information returns for reported winnings from bingo keno, and slot machines. due to the administrative burden proposed 13,000 customers have signed a petition so that the reporting threshold for bingo keno, and slot machines would not be reduced. and i, too, share their concerns about these proposed rules. across the u.s. the gaming industry supports 1.7 million jobs. about $240 billion in activity. no small sum. my staff's had multiple conversation was your office in regards to these proposed rules and i am pleased that we had that opportunity to have the same discussion between you and i yesterday. that said, i'd like -- i like many other taxpayers was frankly

kept in the dark with regard of receiving responses from the i.r.s. to better address these proposed rules. miest were answered yesterday -- my questions were answered yesterday. your comment period is extended and i appreciate that since it did take a couple months in order to get a response from your office. so as i mentioned yesterday, my comments will be coming in the next week or so. thank you for your help and support. and extending the deadline to get those questions in. the chairman talked a little bit about public trust. for the i.r.s.'s success. you're familiar with that. the number of weaknesses, the ability to effectively protect taxpayers, integrity, and availability of certain taxpayer data unfortunately was not implemented. the inspectoren general's here -- inspector general's here.

he spoke on it. you alluded to it in your testimony. it's my opinion that a properly done tax reform would not only provide a simpler code, but would also provide the i.r.s. with tools to combat tax related identity theft. and assist the victims of this crime. i told you yesterday on the phone i'm here to help. how can i help you? commissioner koskinen: i appreciate that eni appreciate again, the chairman's clarity about what we need to work together on this. it's not a political issue. we have said for some time. we need to get information returns earlier. would be a great help to us. we need to have the authority to what's called mask w-2's so we can assure that they are produced by legitimate companies not fraudulent companies as we go forward. we may need authority to work with the partnership we have with the tax preparers and tax software companies as well as the states to provide minimum

requirements for data that authenticates taxpayers when they file their tax returns. as we go forward. and then ultimately as i have noted our discussion today is not about something that was the result of funding shortage, but the challenge we face more broadly dealing with the criminal enterprises around the world does depend upon making sure we have adequate funding to continue to rebuild our systems get them into what i call the early 21st century rather than the late 19th century. senator heller: commissioner, the previous finance committee chairman, max baucus, he had discussed a draft that would disallow taxpayer social security numbers to be put on the w-2 forms. what's your view of this proposal? i'd ask the same thing. commissioner koskinen: we suggested that actually we get the last four digits on the w-2 form. what's more important if we can

put hash tags on those and legislative authority, much like the number of companies who can provide taper that produces the money is allowed to be constrained by statute. we may need to be able to have those who produce w-2's through a competitive process be limited in number so we can make sure the w-2's and hash tags are appropriate to make sure the identifier is legitimate. senator heller: mr. gorge -- george, think that would be helpful? mr. george: i do. senator heller: time's run out. senator hatch: mr. george, let me ask an unrelated question while you're here. it's an important subject. for almost a year at our request investigating lois lerner's hard drive crash. last month the committee was given the last of the emails pulled from i.r.s. backup tapes.

as i understand it the next and final step is for you to provide us a report on the investigation. now that afflet recovery work has been done, can we get a commitment from you today to submit a report on the hard drive crash by mid june? commissioner koskinen: i can commit, mr. chairman torques having it to you by the end -- mr. george: to you by the end of the month. i spoke to my chief investigator. as of now we conducted over 100, almost 150 interviews of people related to the lost emails. and as you can imagine with each interview that leads to more information that needs to be tracked down. given the nature of this matter, we need to be as sterile as possible. we are endeavoring to do just that. and i can't say there's still very important interviews to come. we'll do our level best to try to accommodate that request,

sir, but i cannot assure you. you will have it before the end of the month. the congress will. senator hatch: we'll live with that. we'd like to get our final report done if we can. >> i would like to go on the record saying i would be delighted to get everybody's final reports. senator hatch: i'm not sure that was helpful. we are glad you're glad is all i can say. senator roberts had a question or two. then i'd like to start the second round. senator roberts: i'd like to go back to that statement for the record. nina olson leads the taxpayer and independent office at the i.r.s. and in her annual report she voted the victims must often navigate a what brinth of i.r.s. observations and recount their experience time and time again to different employees even when cases remain in one i.r.s. function, they may be transferred from one assistant to another with significant periods of nonactivity. on average the agency took

nearly six months to resolve cases. she added the cases were also frequently closed prematurely, but for all related issues have been fully addressed. she recommended that a single officer be assigned to handle each case. and then she spoke to a broader issue which i think sums up what we are after here. while granting taxpayers enhanced action sess to their tax information which was the laudable goal that congress agreed to when we passed this bill the overriding priority now must be to protect taxpayers' confidential tax information from exposure. is that a fair statement? commissioner koskinen: i think as the inspector general said and most people have said, it's a balancing act. as i say, we had 23 million successful down loads of the transcript. if those people had to call us or show up in person to get their transcript, it would have been a problem. but on the other hand, we need to make sure that we are as

secure as possible. i think what's happening across the economy is customers and taxpayers now understand that it may be harder to get access to their accounts, whether it's a bank account -- not harder in the sense it takes you two weeks, but there may be more hurdles you have to go through. you may have to have more information available to get access. i think taxpayers and customers are willing now and understand the need to accept the higher level of burden. so we are -- we are considering all our work in that context in terms of where we go. it should be noted that over 20% of the people who try to get their transcript downloaded can answer their own personal questions. on the other hand, i think what this does remind us all is no matter how important it is to be providing excellent taxpayer service, we have to focus as much as we can on the security of the data. that's a critical issue for us. senator roberts: do you agree? mr. george: i do. senator roberts: the i.r.s.

asked the taxpayers not to contact the agency. anybody's information that was stolen will be contacted. sort of like hurry up and wait. commissioner koskinen: the letters went -- 104,000. senator roberts: do what the letters say? commissioner koskinen: they give instruction how to get credit protection at our expense information how to obtain an i.p. pin if they would like one, the documentation they'll have to provide. it gives them a number to call but suggests if they have questions they go to our website where we provided a set of frequently asked questions about the situation and what can be done. senator roberts: you're confident you have the ability to protect this information with the suggestion you have in that letter? commissioner koskinen: we advise them in that letter we have marked their account so that no one else can file a return when with their own information. senator roberts: appreciate

that. thank you. senator hatch: let me just ask i apologize to you, i should have called on you first. >> i have only had one bite at the apple while were you out of the room. i'll wait my turn. senator hatch: mr. george in 2012 the i.r.s. computer security incidence response center csirc which is responsible for preventing and detecting computer security thets to i.r.s. systems n that 2012 audit, they found that the i.r.s. was not monitoring 34% of its servers. you noted that, quote without adequate monitoring of i.r.s. servers, the csirc may not timely detect malicious activity or cybersecurity incidents. unquote. could the i.r.s.'s failure to monitor its servers lead to the type of breach that occurred in

may? that's question number one. and do they plan to reassess whether the csirc is now actively monitoring all i.r.s. servers? mr. george: question is the answer to your first question, mr. chairman. yes, we will also be monitoring that. senator hatch: mr. george, the i.r.s. is planning to expand the additional online service it is offers in the coming years. one notable example is the secure messaging pilot program that is scheduled to launch in 2016. will allow the i.r.s. to email taxpayers. about sensitive tax information something which the i.r.s. has not done in the past, as i understand it. in light of the recent data breach, do you have concerns about the security of online services that the i.r.s. plans to introduce and beyond current measures, what must the i.r.s. do to ensure these services are secure? mr. george: the i.r.s. has sent the message in the wake of a lot of these attempts to gain access

to taxpayers' identity or other information, and the message was, we never reach out to you by email or -- and the like. so they will have to engage in a public service i think. information effort to inform taxpayers about these new ways of approaching the system of tax administration. ultimately it is a worthwhile goal to be able to contact people by way of emails and alternate ways of contacting them versus paper contact which is much more expensive and obviously you have individuals attempting to help taxpayers, whether taxpayer assistance centers and the like. so it's a way for the i.r.s. to more efficiently and effectively as taxpayers comply with their

tax obligation. it's a good thing. there's no question that they will be looking at the overall proposal. how it's implemented, and the impact that it has on taxpayers. senator hatch: thank you. we appreciate the service that you render. tough job, both of you. senator heller, do you have any questions? senator heller: thank you. i just had a couple of quick questions. probablely won't take all my five minutes. issues that i think are important. the last question i asked commissioner was how could we help? i want you to explain to me why critical authority should be renewed? commissioner koskinen: the streamline critical pay authority has two aspects. the most important is streamlined part. we use it pry marely for high technology people. we can find somebody like the head of our technology information system who worked at boeing and we can recruit them. much as in the private sector if we find the right person we can

make an offer and they can accept it immediately. the government process requires us to go through a complicated process that takes times three to four months for the kind of people, the handful you are talking about recruiting, they often can't wait that long or won't wait three to four months. our i.t. head told me we have two people we tried to hire where if we had streamline would have come, they did not want to participate in the three to five month process. turned us down. mr. senator heller: the authority expired in 2013. what's been the impact between then and today? outside the story you told me. commissioner koskinen: we had 29 people on streamline critical authority, no more than 40 we never use more than 34. we are down now to 15 or 16. we have lost our senior international expert in tax enforcement. we have lost the deputy c.i.o. we have lost the three people who are best at big data

analysis including our expert or authentication. their term ran out and we have not been able to replace them. senator heller: one follow-up. i don't have to tell you about your budget. you know your budget better than do i. in 2014 it's my understanding you spent in the area of $2.4 billion, or 21% of your budget in information technology. would that bunt -- budget being not substantial, do you have the experts you need? commissioner koskinen: the head of cybersecurity is on streamline critical pay. will he rotate off. it's a possibility we won't be able to get him in. of the budget in 2014 about 80% of it goes to simply operating and maintaining our system. so that our challenge in 2014 was, for instance, we asked for $300 million in i.t. to implement the affordable care act. we got zero. we had to take $300 million out of other i.t. programs. and the same thing happened in

2015. senator heller: do you feel you have a qualified -- commissioner koskinen: we have a spectacular work force. i have dealt with a lot, private sector for 20 years and the government. it's a dedicated work force, even with the pressure and sometimes the abuse they take. they are dedicated to the mission. and the mission is based on helping taxpayers. senator heller: mr. chairman, thank you. senator hatch: my understanding senator carper would like to ask a couple questions. first i'd like to thank both of you for being here. appreciate the testimony you have given here today. mr. koskinen you have a tough job, no question. i would be upset every day. and i think there's something

wrong with you that you're not upset every day. on the other hand, i know you are. mr. george, we are very pleased with the hard work that you do. and your group down there. it's important that we have both of you working in the best interests of our country and our taxpayers. i really appreciated you over the time, and the time you have been advising the committee. with that we'll turn to senator carper and hopefully finish up. senator carper: thanks, mr. chairman. i'm an old state treasurer and governor. i have been thinking about these attacks on the i.r.s.. as you know there are 50 states. division of revenues. and has anyone given any thought to how to better help them prepare to defend information and defend their treasuries from

attacks like this? any discussion of that? commissioner koskinen: we have had, i now have a more formal partnership and working relationship with tax administrators. we are sharing information. we are trying to provide them as much assistance as we can about what we know. this is no longer the problem of any individual organization. this is a systemic challenge across the entire economy. there's a website, somebody sent me, that had the indications that the 25 cyberattacks and data breaches in may alone, 25 around the world, we are just one of those 25. we take it seriously. we need to deal with it aggressively. we need to understand it's in the context of a significant systemic set of attacks. senator carper: i heard you said , mr. commissioner, i thought i heard you say -- describing the information that was included in

the letters going out, i thought i heard you say the term i.p. pin. in one of your answers. would you elaborate on that, please. commissioner koskinen: an individual protection pin is a separate six-digit number given to taxpayers if they are the victims of identity theft which they use to file in addition to their social security numbers. they'll have their social security number because we can check that against w-it's -- w-2's. on their 1040 there is a place they can file the i.p. pin. if it doesn't appear, the return is not accepted. it protects them from a fraudulent filing. senator carper: i know it's still early in the review process, do you intend to reinstate the get transcript online application? if so, how do you balance the need for additional security against the need for taxpayers to have a commeen convenience of gathering access to ole the returns? commissioner koskinen: it's the conundrum you face.

we had 23 million successful down loads. that's a lot of taxpayer service. we'll not put it back up unless we are satisfied that the security is, in fact appropriate. it does mean that it's going to be more difficult for taxpayers more of them will not be able to get through. already some them can't get through the existing security breaches. again, i think taxpayers are going to end up in a position to understand that. we are looking at with the lessons learned from this event we are deviling into it at great lengths exactly how it happened, what could be done in the security issues to make it more difficult for it to happen if not impossible. as you know it's continual tradeoff of trying to provide as much information as readily to the taxpayers as we can, but at the same time protecting that data. senator carper: we learned a fair amount today about upgrading the i.r.s.'s i.t. systems. how will the president's f.y. budget request be subject if it were met to meet those needs or

that request from the administration for 2016 just the beginning of a multiyear effort to upgrade your computer systems? commissioner koskinen: the president's budget would allow us to make significant progress in 2302016. your point's well taken. we are not going to -- we were working on upgrading the system for some time. we are not going to be able to do it in one year. one of the things we are working on with the appropriators is to give them a longer term view of what it should actually take both to upgrade the systems and also take to provide secure increased available -- availability to information to taxpayers. senator carper: we talked a moment ago about partnership and make sure they learn from us at the federal level. maybe we can learn a few things from them about providing better protection against these attacks. are there any other countries that we are communicating with who have fought through these problems and responded to these same kind of challenges that we may be able to glean some

helpful ideas? commissioner koskinen: we are in contact. i belong to a group of the 43 largest tax administrators around the world. we seem primarily because of the size of the economy and attractiveness of it, to have more of these challenges than others. but security is on all of their minds. those with a value-added tax have less concern about individual taxpayers as noted in the earlier discussion. but we are sharing information particularly with the oecd countries. as i say thus far in the meetings i have had with them we seem to be having more challenges. as an economy, as well as a tax administration system. senator carper: last question if i could, mr. chairman. inspector general george. a year or so ago i want to say might have been -- i'm not sure the name of the firm. but u.s. firm that specializes in protection against

cyberattacks, a private firm. someone did a fair amount of work on tax emanating from china. they actually drove down and said these are the folks this is where they are located, these are the people that are actually launching these attacks against our country. the chinese didn't accept it very well, but i have not seen anything to refute the veracity of the assertions. i always like to focus on root causes. i like to focus on root causes. i keep trying to figure out how do we go about a root cause approach to deal with this issue. it's just spreading. in our own family we have been involved in a hack against the university that we are associated with, with our health care provider, now in this case the issue at hand. third time is a charm, i hope.

but my guess it isn't for us. how do we go about the root cause to get to in? or can we? is there some way -- everybody keeps saying it's come interesting russia. russia has criminal organizations. isn't there anything we can do about that? mr. george: willie sutton, that's where the money is, and of course having the world's largest economy, as the commissioner suggested, this is -- it atraction -- attracts the bad guys. i'm not familiar with the study you cited in that china is the source of these problems. on a number of criminal investigation that is have been completed by us, a lot of them did emanate from former soviet republics. belarus and places of the like. it's again sir, just too many people, too much time on their hands. with the sophistication of their release to computers and

networks and servers and the like. it is truly a challenge not just for the internal revenue service, as has been stated before both by the commissioner and members of this panel. this is a federal, state, local global problem. i don't see it ending any time soon, sir. just as soon as the i.r.s. increases its security posture, the bad guys will increase their efforts to overcome those. and they have a lot of time on their hands. senator carper: i say in closing, we spend a lot of time trying to focus on the symptoms of problems in all kinds of ways. we don't always focus on the root causes. bun of the things it's important we focus on the symptoms in defending these attacks and the ways it's been discussed today. at the same time we need to think about root causes as well. i'm not sure how to do that. we need to think about that. thank you so much. thank to our witnesses. senator hatch: senator nelson. senator nelson: mr. chairman,

confirmed tax related identity theft victims. florida, 334,962. utah 10,654. senator from delaware 4703. senator carper, you had 4,703 of your constituency that were victims of identity theft. total u.s. d.c., 1,889,736 if you include the u.s. territories

and unconfirmed residents. we are talking about 2.75 million. now, mr. chairman, we have had six hearings on identity theft and yet we continue to bring in i.r.s. we ought to take care of this by passing legislation. i file legislation, you file legislation, your legislation is a lot of similarities between our legislation. we ought to get something moving. senator hatch: let's get together and get it done. i agree with you. senator nelson: absolutely. so put on the record, mr. commissioner what tool would help you on this which i think is in the legislation but you want to get that out there on the record.

commissioner koskinen: as we said earlier in the hearing and the legislation got increasing support on the hill for is we need to get information returns particularly w-2's earlier, we need to get them in january when employees get them so we can, in fact, before we send out refunds, have a bert chance of matching. we also need to have authority to in effect use what are called hashtags on w-2's with industry to make sure they are accurate. criminals are now forming false corporations generating false w-2's to go along with their fraudulent returns. we need to provide minimum standards for qualifications for education for tax preparers which you talked about in your bill. we need to increase the penalties for engaging in identity theft and refund fraud. those are in requests in our budget proposal. they are in your leg we are delighted to work with you.

with the chairman to put together a final package that would give us additional tools. i would stress it will be important and very helpful, but as the inspector general and i both have been saying, there is no magic civil bullet that tomorrow morning will put this all to an end. we need to continue to be vigilant. we need to continue to do everything we can with our systems, with our security with our monitoring of it. but clearly the items that are contained in the legislative discussions you and the chairman have been having are going to be important. senator nelson: that's my point mr. chairman. senator hatch: let's get together. senator nelson: this is what's shocking this is about four years ago, street crime in tampa, florida, dropped. burglaries, auto thefts, muggings, dropped because the criminals suddenly realized get

a laptop. go in and create a false return. and get a refund. and it was all of a sudden too easy to get money -- now it's a good thing that people's homes were not being burglarized, but nevertheless people were being robbed. in this case it's not only individuals who had a nightmare by the way, and thanks to the i.r.s. you have helped us administratively, once a taxpayer is -- has a false return in their name, but what -- and then all of the other i.d. trauma that they go through. getting back their i.d. but it suddenly had a whole shift and the taxpayers are

paying. because of this theft. so thank you, mr. chairman. senator hatch: thank you, senator. i want to thank the commissioner and inspector general for appearing before the committee today. as well as all of the senators who have participated. this has been a very interesting hearing. for me. commissioner cost kin nen unrelated but important points, first in recent months i have written to you of the reissuance on political activity by tax exempt organizations. you know how interested this committee is in this matter. can you tell me when the i.r.s. and treasury department will reissue the proposal? commissioner koskinen: if hi a crystal ball i would be better at that information. we had 160,000 responses we took very seriously. i personally have read over 1,200 pages of the most thoughtful responses. we are moving forward.

my commitment has been -- senator hatch: keep me informed. commissioner koskinen: my commitment has been we will keep you informed. you will not be surprised. we'll keep you updated before we issue a proposal ten will provide for 90 days to comment and public hearing. we don't want anybody to think we are rushing this. we are only going to do this once. we are not going to do it every two or three years. senator hatch: i want to end that treatment of conservative groups liberal groups. quoip we want to have a fuel that's clear, fair to everybody and easy to administer, and easy to operate a c-4 organization under. so you don't have to worry about somebody second-guessing you in the future. senator hatch: in april i wrote to second lew requesting documents relating to the 2013 political activity rule. he has declined that request and i will be responding to him on the matter. i wanted to give you notice that i will be sending a similar

request to your agency. and i look forward to working with you on that in the near future. finally, in april i wrote to you regarding the i.r.s.'s spending on information technology. i want to thank you for acknowledging my letter and i look forward to receiving a thorough response as soon as possible. if you can. commissioner koskinen: a lot of data pulled together. i think it will be very helpful because it does answer a range of very detailed questions about priorities about our exspeerns, how we mon -- experience, how we monitor it all. senator hatch: i hope you're very lucky. i want to thank both of you very much. this has been a lot that you come up on such short notice. any questions for the record should be submitted by no later than tuesday june 9. with that the hearing is adjourned. [captions copyright national cable satellite corp. 2015]

[captioning performed by the national captioning institute, which is responsible for its caption content and accuracy. visit ncicap.org]

>> as this hearing comes to a close, if you missed any of it you can see it in its entirety by going to our website c-span.org. check the c-span video lie brarery. coming up in just a couple moments live u.s. house will gavel in to debate commerce

justice, and science appropriations. it provides just over $50 billion in spending for those departments and agencies. in the house live here on c-span in about two minutes. beginning at noon eastern on c-span. over in the senate lawmakers are continuing work on the n.s.a. surveillance bill. lawmakers voted to move the legislation forward earlier today. the vote on that was 83-14. a number of amendments could be debated this afternoon. we could see final passage. the hill has written a story about it. gillian and jordan report that the senate voted to end debate on legislation reforming the national security agency's controversial surveillance powers today. two days after the legal authority for the program expired. again the vote was 83-14. the senate voted to set up a final vote on that measure. it must first to decide whether it adds amendments backed by majority leader mch mccome and other republics. if those amendments are added the house would have to vote again causing a further lapse in

the n.s.a.'s powers. you can see the senate live on our companion network, c-span2. another item that took place on capitol hill today, president obama athe medal of honor to two world war 1 soldiers. they were denied in the past due to discrimination. correcting a long ago wrong, the president posthumously recognized sergeant william chenen a jewish sorlede, a private van hollen henry jonson, a african-american serviceman for their heroism nearly a century ago. they both risked their lives to save the lives of others. and he adds it's never too late to say thank you. you can see that event also, which we recorded earlier, you can see that in the c-span video library. now live to the u.s. house as members take up commerce, science, and justice appropriations. the house live now on c-span.

the speaker pro tempore: the house will be in order. the prayer will be you are aed by the chaplain father -- by our chaplain, father con roy. -- conroadway. chaplain conroy: let us pray.