LegisTrack
Back to all bills
HR 1101119th CongressIntroduced

Taxpayer Data Protection Act

Introduced: Feb 6, 2025
View on Congress.gov
Standard Summary
Comprehensive overview in 1-2 paragraphs

The Taxpayer Data Protection Act would tighten who can access the Department of the Treasury’s public money receipt or payment systems, including the Bureau of the Fiscal Service’s payment system. It adds a new set of eligibility rules that require either Treasury personnel (officers, employees, or contractors) with a current eligibility to access the system, a “fully successful” performance rating, and at least one year in a civil-service or contract role, or alternatively, non-Treasury personnel to have a security clearance, avoid conflicts of interest under 18 U.S.C. 208, meet a minimum period of service, complete privacy/cybersecurity training, and sign an ethics agreement. The bill also requires Treasury’s Inspector General to investigate any unauthorized access and report to Congress within 30 days, detailing what happened, the privacy/national security risks, and any payments that were stopped. Overall, the measure aims to reduce unlawful or improper access to taxpayer payment data and strengthen oversight and accountability.

Key Points

  • 1The Act adds a new access standard to the Treasury public money receipt or payment systems (including BFS) limiting access to eligible Treasury officers/employees/contractors or, if not in those categories, to individuals with appropriate security clearances and meeting specified conditions (training, ethics, no conflicts, etc.).
  • 2For those not described as Treasury officers or employees, access requires (i) an appropriate security clearance granted under the National Security Act, (ii) compliance with 18 U.S.C. 208 (no improper conflicts), (iii) not being a special Government employee, (iv) at least one year of continuous civil service, (v) completed privacy/cybersecurity/national security training, and (vi) a signed ethics agreement with Treasury or the Office of Government Ethics.
  • 3Unauthorized access triggers an Inspector General investigation, with a congressional report due within 30 days including details of the incident, a privacy/security risk assessment, and any payments that were stopped.
  • 4Non-employees who access the system will be treated as executive-branch employees for purposes of 18 U.S.C. 208, heightening accountability for their actions.
  • 5The bill uses strong language about restricting access “unless” these criteria are met, signaling tighter controls and heightened scrutiny over who can touch Treasury payment data.

Impact Areas

Primary group/area affected- Treasury Department personnel (officers, employees, contractors) who work with or have access to the Department’s payment systems, and any non-government personnel granted access.Secondary group/area affected- Security clearance holders, privacy and cybersecurity training programs, ethics compliance processes, and the Treasury Inspector General responsible for investigations and reporting.Additional impacts- Potentially higher administrative and compliance costs for onboarding, training, and maintaining eligibility/clearance.- Increased accountability and potential consequences under 18 U.S.C. 208 for those with access, including non-employees treated as executive-branch personnel for conflict-of-interest purposes.- Possible impact on the speed or process of granting access to sensitive payment data, and potential effects on the handling of payments if unauthorized access is detected.
Generated by gpt-5-nano on Nov 19, 2025