05/26/2026

IRS proposal could turn taxpayer facial verification into long-term fraud database

Biometric Update

The Internal Revenue Service (IRS) is considering a proposal that would authorize ID.me to retain taxpayers’ biometric data for years, a change that would deepen the role of facial recognition in federal tax administration and revive privacy concerns that forced the IRS to retreat from a similar controversy four years ago.

Under the proposal, biometric scans collected during identity verification for IRS.gov accounts could be kept by ID.me for as long as an account remains active and then for up to 36 months after the account is deleted.

The retained data could be accessed by government officials only as part of law enforcement or IRS inspector general investigations and through legal process.

The proposal reflects a growing concern inside the federal government that identity fraud is becoming harder to detect as criminals use stolen personal information, synthetic, and AI-generated images to impersonate taxpayers.

The proposed action has raised questions about how much biometric information Americans should be expected to give a private contractor to access government services online.