[Congressional Bills 113th Congress]
[From the U.S. Government Publishing Office]
[S. 676 Introduced in Senate (IS)]

113th CONGRESS
  1st Session
                                 S. 676

          To prevent tax-related identity theft and tax fraud.


_______________________________________________________________________


                   IN THE SENATE OF THE UNITED STATES

                             April 9, 2013

 Mr. Nelson (for himself, Mrs. Feinstein, Mr. Schumer, and Mr. Cardin) 
introduced the following bill; which was read twice and referred to the 
                          Committee on Finance

_______________________________________________________________________

                                 A BILL


 
          To prevent tax-related identity theft and tax fraud.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE, ETC.

    (a) Short Title.--This Act may be cited as the ``Identity Theft and 
Tax Fraud Prevention Act of 2013''.
    (b) Table of Contents.--The table of contents of this Act is as 
follows:

Sec. 1. Short title, etc.
       TITLE I--PROTECTING VICTIMS OF TAX-RELATED IDENTITY THEFT

Sec. 101. Expedited refunds for identity theft victims.
Sec. 102. Single point of contact for identity theft victims.
Sec. 103. Enhancements to IRS PIN Program.
Sec. 104. Electronic filing opt out.
  TITLE II--SHUTTING DOWN ABUSIVE IDENTITY THEFT AND TAX FRAUD SCHEMES

Sec. 201. Restrictions on ability to use prepaid cards for tax fraud.
Sec. 202. Limitation on multiple tax refunds to the same account.
TITLE III--ADDING CRITICAL NEW PROTECTIONS TO SAFEGUARD SOCIAL SECURITY 
                                NUMBERS

Sec. 301. Restriction on access to the death master file.
Sec. 302. Prohibiting the display of Social Security account numbers on 
                            newly issued Medicare identification cards 
                            and communications provided to Medicare 
                            beneficiaries.
Sec. 303. Prohibition of the display, sale, or purchase of Social 
                            Security numbers.
Sec. 304. Criminal penalties for the misuse of a Social Security 
                            number.
Sec. 305. Civil actions and civil penalties.
  TITLE IV--STRENGTHENING LAWS AND IMPROVING ENFORCEMENT AGAINST TAX-
                         RELATED IDENTITY THEFT

Sec. 401. Criminal penalty for using a false identity in connection 
                            with tax fraud.
Sec. 402. Increased penalty for improper disclosure or use of 
                            information by preparers of returns.
Sec. 403. Authority to transfer Internal Revenue Service appropriations 
                            to use for tax fraud enforcement.
Sec. 404. Local law enforcement liaison.
    TITLE V--ACCELERATING TRANSITION TO A REAL-TIME TAX SYSTEM THAT 
                  PROTECTS TAXPAYERS AND REDUCES FRAUD

Sec. 501. Improvement in access to information in the National 
                            Directory of New Hires for tax 
                            administration purposes.
Sec. 502. Plan of action for transitioning to a real-time tax system.

       TITLE I--PROTECTING VICTIMS OF TAX-RELATED IDENTITY THEFT

SEC. 101. EXPEDITED REFUNDS FOR IDENTITY THEFT VICTIMS.

    Not later than 180 days after the date of enactment of this Act, 
the Secretary of the Treasury, or the Secretary's delegate, shall 
establish a plan of action to reduce the administrative time required 
to process and resolve cases of identity theft in connection with tax 
returns, including the issuance of refunds to legitimate taxpayers, to 
no more than 90 days, on average.

SEC. 102. SINGLE POINT OF CONTACT FOR IDENTITY THEFT VICTIMS.

    Not later than 180 days after the date of enactment of this Act, 
the Secretary of the Treasury, or the Secretary's delegate, shall 
establish new procedures to ensure that any taxpayer whose return has 
been delayed or otherwise adversely affected due to identity theft has 
a single point of contact at the Internal Revenue Service throughout 
the processing of his or her case. The single point of contact shall 
track the case of the taxpayer from start to finish and coordinate with 
other specialized units to resolve case issues as quickly as possible.

SEC. 103. ENHANCEMENTS TO IRS PIN PROGRAM.

    (a) In General.--The Secretary of the Treasury, or the Secretary's 
delegate, shall issue a personal identification number to identity 
theft victims as soon as practicable after their true identity has been 
established and verified.
    (b) Report.--Not later than 360 days after the date of enactment of 
this Act, the Secretary of the Treasury shall submit to Congress a 
report analyzing the effectiveness of the program described in 
subsection (a) in reducing tax fraud.

SEC. 104. ELECTRONIC FILING OPT OUT.

    Not later than 180 days after the date of enactment of this Act, 
the Secretary of the Treasury, or the Secretary's delegate, shall 
implement a program under which a person who has filed an identity 
theft affidavit with the Secretary may elect to prevent the processing 
of any Federal tax return submitted in an electronic format by a person 
purporting to be such a person.

  TITLE II--SHUTTING DOWN ABUSIVE IDENTITY THEFT AND TAX FRAUD SCHEMES

SEC. 201. RESTRICTIONS ON ABILITY TO USE PREPAID CARDS FOR TAX FRAUD.

    (a) Accounts With Elevated Risk of Identity Theft.--
            (1) In general.--Not later than 360 days after the date of 
        the enactment this Act, the Federal primary financial 
        regulatory agencies, in consultation with the Secretary of the 
        Treasury, shall jointly prescribe regulations requiring newly 
        issued deposit or transaction account numbers, as the case may 
        be, to be distinguishable between verified accounts and at-risk 
        accounts.
            (2) Definitions.--As used in this section--
                    (A) the term ``at-risk account'' means any deposit 
                account or transaction account, including accounts 
                associated with a prepaid access arrangement, that is 
                not a verified account;
                    (B) the term ``primary financial regulatory 
                agency'' has the same meaning as in section 2(12) of 
                the Dodd-Frank Wall Street Reform and Consumer 
                Protection Act (12 U.S.C. 5301(12)); and
                    (C) the term ``verified account'' means any deposit 
                account or transaction account in which the identity of 
                the account holder and any prepaid access customer 
                associated with the account is verified by--
                            (i) customer identification procedures that 
                        comply with section 5318(l) of title 31, United 
                        States Code; and
                            (ii) direct review of an original, 
                        unexpired government-issued form of 
                        identification bearing a photograph or similar 
                        safeguard, such as a driver's license or 
                        passport.
    (b) GAO Audit of Debit Card Issuers To Ensure Compliance With 
Customer Identification Requirements.--
            (1) Review and evaluation.--The Comptroller General of the 
        United States shall review and evaluate the effectiveness of 
        the current Customer Identification Program rules implementing 
        the customer identification program requirements under section 
        5318(l) of title 31, United States Code, as such rules apply to 
        the prepaid card industry.
            (2) Required considerations.--The review and evaluation 
        required under paragraph (1) shall--
                    (A) consider whether weaknesses in current customer 
                identification programs are contributing to identity 
                theft and financial loss, particularly with respect to 
                tax fraud; and
                    (B) review whether--
                            (i) current risk-based standards for 
                        customer identification are the best means to 
                        prevent criminal use of prepaid cards and 
                        provide sufficient guidance and certainty to 
                        the sellers and providers of prepaid access;
                            (ii) current exclusions from customer 
                        identification requirements, such as exclusions 
                        for government benefit programs, are 
                        appropriate; and
                            (iii) Federal regulatory agencies exercise 
                        adequate oversight and supervision of customer 
                        identification practices of the prepaid card 
                        industry.
            (3) Report to congress.--Not later than 360 days after the 
        date of the enactment this Act, the Comptroller General of the 
        United States shall submit to Congress a report--
                    (A) on the findings of the review and evaluation 
                required under paragraph (1); and
                    (B) containing any recommendations or proposals for 
                legislative or administrative action to improve the 
                customer identification practices of the prepaid card 
                industry.

SEC. 202. LIMITATION ON MULTIPLE TAX REFUNDS TO THE SAME ACCOUNT.

    (a) In General.--Not later than 180 days after the date of 
enactment of this Act, the Secretary of the Treasury, or the 
Secretary's delegate, shall issue regulations that restrict the 
delivery or deposit of multiple tax refunds from the same tax year to 
the same individual account or mailing address.
    (b) Exception.--The regulation promulgated under subsection (a) 
shall provide that the restrictions shall not apply in cases and 
situations where the Secretary determines there is not a likelihood of 
tax fraud.

TITLE III--ADDING CRITICAL NEW PROTECTIONS TO SAFEGUARD SOCIAL SECURITY 
                                NUMBERS

SEC. 301. RESTRICTION ON ACCESS TO THE DEATH MASTER FILE.

    (a) In General.--Not later than 90 days after the date of the 
enactment of this Act, the Commissioner of the Social Security 
Administration shall vest all responsibilities for the release of 
Social Security death records to non-governmental persons or entities 
with the Secretary of Commerce through a memorandum of understanding.
    (b) Prohibition.--The Secretary of Commerce shall not disclose 
information contained in Social Security death records to any non-
governmental person or entity with respect to any individual who has 
died at any time during the calendar year in which the request for 
disclosure is made or the succeeding 2 calendar years unless such 
person is certified under the program established under subsection (c).
    (c) Certification Program.--
            (1) In general.--The Secretary of Commerce shall establish 
        a program--
                    (A) to certify persons who are eligible to access 
                the information described in subsection (b) contained 
                on the Death Master File, and
                    (B) to perform periodic and unscheduled audits of 
                certified persons to determine the compliance by such 
                certified persons with the requirements of the program.
            (2) Certification.--A person shall not be certified nor 
        remain certified under the program established under paragraph 
        (1) unless--
                    (A) the Secretary of Commerce determines that 
                access to the information described in subsection (b) 
                is appropriate because--
                            (i) such person has a legitimate interest 
                        in preventing fraud or unauthorized financial 
                        transactions,
                            (ii) such access will facilitate compliance 
                        by such person with an applicable law, 
                        regulation, court order, or fiduciary duty,
                            (iii) such access will facilitate timely 
                        and proper administration by such person of an 
                        insurance policy or benefit program, or
                            (iv) such person is subject to disclosure 
                        requirements under section 502 of the Gramm-
                        Leach-Bliley Act (15 U.S.C. 6802), section 620 
                        of the Fair Credit Reporting Act (15 U.S.C. 
                        1681r), or any other Federal statute that the 
                        Secretary determines, following notice and 
                        comment rulemaking, provides sufficient 
                        protection against improper disclosure of 
                        information described in subsection (b), and
                    (B) the Secretary of Commerce verifies that such 
                person has facilities and procedures in place to 
                safeguard such information, and experience in 
                maintaining the confidentiality, security, and 
                appropriate use of such information.
            (3) Fees.--The Secretary of Commerce shall establish under 
        section 9701 of title 31, United States Code, for the charge of 
        fees sufficient to cover all costs associated with evaluating 
        applications for certification and auditing, inspecting, and 
        monitoring certified persons under the program.
    (d) Imposition of Penalty.--
            (1) In general.--Subject to paragraph (2), any person who 
        is certified under the program established under subsection 
        (c), who receives information described in subsection (b), and 
        who during the period of time described in subsection (b)--
                    (A) discloses such information to any other person, 
                or
                    (B) uses any such information to commit, or aid or 
                abet, any criminal offense,
        shall pay a penalty of $5,000 for each such disclosure or use, 
        but the total amount imposed under this subsection on such a 
        person for any calendar year shall not exceed $500,000.
            (2) Exception.--A person who--
                    (A) is certified under the program established 
                under subsection (c),
                    (B) upon request by another person, verifies that 
                an individual is or is not deceased pursuant to 
                information contained on the Death Master File, and
                    (C) does not disclose any additional information 
                described in subsection (b),
        shall not be subject to a penalty pursuant to paragraph (1).
    (e) Exemption From Freedom of Information Act Requirement With 
Respect to Certain Records of Deceased Individuals.--
            (1) In general.--Subsequent to the date on which the 
        Secretary of Commerce establishes the program described in 
        subsection (c)(1), the Social Security Administration shall not 
        be compelled to disclose any information described in 
        subsection (b) to any non-governmental person or entity who is 
        not certified under such program.
            (2) Treatment of information.--For purposes of section 552 
        of title 5, United States Code, this section shall be 
        considered a statute described in subsection (b)(3)(B) of such 
        section 552.

SEC. 302. PROHIBITING THE DISPLAY OF SOCIAL SECURITY ACCOUNT NUMBERS ON 
              NEWLY ISSUED MEDICARE IDENTIFICATION CARDS AND 
              COMMUNICATIONS PROVIDED TO MEDICARE BENEFICIARIES.

    (a) In General.--Not later than 2 years after the date of the 
enactment of this Act, the Secretary of Health and Human Services, in 
consultation with the Commissioner of Social Security, shall establish 
and begin to implement procedures to eliminate the unnecessary 
collection, use, and display of Social Security account numbers of 
Medicare beneficiaries.
    (b) Newly Issued Medicare Cards and Communications Provided to 
Beneficiaries.--
            (1) Newly issued cards.--
                    (A) In general.--Not later than 4 years after the 
                date of enactment of this Act, the Secretary of Health 
                and Human Services, in consultation with the 
                Commissioner of Social Security, shall ensure that each 
                newly issued Medicare identification card meets the 
                requirements described in subparagraph (B).
                    (B) Requirements.--
                            (i) In general.--Subject to clauses (ii) 
                        and (iii), the requirements described in this 
                        subparagraph are, with respect to a Medicare 
                        identification card, that the card does not 
                        display or electronically store (in an 
                        unencrypted format) a Medicare beneficiary's 
                        Social Security account number.
                            (ii) Exception.--The Secretary may waive 
                        the requirements under clause (i) in the case 
                        where the health insurance claim number of a 
                        beneficiary is the Social Security number of 
                        the beneficiary, the beneficiary's spouse, or 
                        another individual.
                            (iii) Use of partial account number.--The 
                        Secretary of Health and Human Services, in 
                        consultation with the Commissioner of Social 
                        Security, may provide for the use of a partial 
                        Social Security account number on a Medicare 
                        identification card if the Secretary determines 
                        that such use does not allow an unacceptable 
                        risk of fraudulent use.
            (2) Communications provided to beneficiaries.--Not later 
        than 4 years after the date of enactment of this Act, the 
        Secretary of Health and Human Services shall prohibit the 
        display of a Medicare beneficiary's Social Security account 
        number on written or electronic communication provided to the 
        beneficiary unless the Secretary, in consultation with the 
        Commissioner of Social Security, determines that inclusion of 
        Social Security account numbers on such communications is 
        essential for the operation of the Medicare program.
    (c) Medicare Beneficiary Defined.--In this section, the term 
``Medicare beneficiary'' means an individual entitled to, or enrolled 
for, benefits under part A of title XVIII of the Social Security Act 
(42 U.S.C. 1395c et seq.) or enrolled for benefits under part B of such 
title (42 U.S.C. 1395j et seq.).
    (d) Conforming Amendments.--
            (1) Reference in the social security act.--Section 
        205(c)(2)(C) of the Social Security Act (42 U.S.C. 
        405(c)(2)(C)) is amended--
                    (A) by moving clause (x), as added by section 
                1414(a)(2) of the Patient Protection and Affordable 
                Care Act (Public Law 111-148), 6 ems to the left;
                    (B) by redesignating clause (x), as added by 
                section 2(a)(1) of the Social Security Number 
                Protection Act of 2010 (42 U.S.C. 1305 note), as clause 
                (xii); and
                    (C) by adding after clause (xii), as redesignated 
                by subparagraph (B), the following new clause:
    ``(xiii) Subject to section 302 of the Identity Theft and Tax Fraud 
Prevention Act of 2013, social security account numbers shall not be 
displayed on Medicare identification cards or on communications 
provided to Medicare beneficiaries.''.
            (2) Access to information.--Section 205(r) of the Social 
        Security Act (42 U.S.C. 405(r)) is amended by adding at the end 
        the following new paragraph:
    ``(10) To prevent and identify fraudulent activity, the 
Commissioner shall upon the request of the Attorney General or upon the 
request of the Secretary of Health and Human Services enter into a 
reimbursable agreement with the Attorney General or the Secretary to 
provide information collected under paragraph (1) if--
            ``(A) the requirements of subparagraphs (A) and (B) of 
        paragraph (3) are met; and
            ``(B) such agreement includes appropriate provisions to 
        protect the confidentiality of information provided by the 
        Commissioner under such agreement.''.
    (e) Pilot Program.--
            (1) Establishment.--The Secretary shall establish a pilot 
        program utilizing smart card technology to evaluate--
                    (A) the applicability of smart card technology to 
                the Medicare program under title XVIII of the Social 
                Security Act (42 U.S.C. 1395 et seq.), including the 
                applicability of such technology to Medicare 
                beneficiaries or Medicare providers; and
                    (B) whether such cards would be effective in 
                preventing fraud under the Medicare program.
            (2) Implementation.--
                    (A) Initial implementation.--The Secretary shall 
                implement the pilot program under this subsection not 
                later than 1 year after the date of enactment of this 
                Act.
                    (B) Scope and duration.--The Secretary shall 
                conduct the pilot program--
                            (i) in not less than 2 States; and
                            (ii) for a period of not less than 180 days 
                        or more than 2 years.
            (3) Report.--Not later than 12 months after the completion 
        of the pilot program under this subsection, the Secretary shall 
        submit to the appropriate committees of Congress and make 
        available to the public a report that includes the following:
                    (A) A summary of the pilot program and findings, 
                including--
                            (i) the costs or savings to the Medicare 
                        program as a result of the implementation of 
                        the pilot program;
                            (ii) whether the use of smart card 
                        technology resulted in improvements in the 
                        quality of care provided to Medicare 
                        beneficiaries under the pilot program; and
                            (iii) whether such technology was useful in 
                        preventing or detecting fraud, waste, and abuse 
                        in the Medicare program.
                    (B) Recommendations regarding whether the use of 
                smart card technology should be expanded under the 
                Medicare program.
            (4) Definitions.--In this subsection:
                    (A) Medicare provider.--The term ``Medicare 
                provider'' includes a provider of services (as defined 
                in section 1861(u) of the Social Security Act (42 
                U.S.C. 1395x(u))) and a supplier (as defined in section 
                1861(d) of such Act (42 U.S.C. 1395x(d))).
                    (B) Secretary.--The term ``Secretary'' means the 
                Secretary of Health and Human Services.
                    (C) Smart card.--The term ``smart card'' means 
                identification used by a Medicare beneficiary or a 
                Medicare provider that includes anti-fraud attributes. 
                Such a card--
                            (i) may rely on existing commercial data 
                        transfer networks or on a network of 
                        proprietary card readers or databases; and
                            (ii) may include--
                                    (I) cards using technology adapted 
                                from the financial services industry;
                                    (II) cards containing individual 
                                biometric identification, provided that 
                                such identification is encrypted and 
                                not contained in any central database;
                                    (III) cards adapting technology and 
                                processes utilized in the TRICARE 
                                program under chapter 55 of title 10, 
                                United States Code, or by the Veterans' 
                                Administration; or
                                    (IV) such other technology as the 
                                Secretary determines appropriate.

SEC. 303. PROHIBITION OF THE DISPLAY, SALE, OR PURCHASE OF SOCIAL 
              SECURITY NUMBERS.

    (a) Prohibition.--
            (1) In general.--Chapter 47 of title 18, United States 
        Code, is amended by inserting after section 1028A the 
        following:
``Sec. 1028B. Prohibition of the display, sale, or purchase of Social 
              Security numbers
    ``(a) Definitions.--In this section:
            ``(1) Display.--The term `display' means to intentionally 
        communicate or otherwise make available (on the Internet or in 
        any other manner) to the general public an individual's Social 
        Security number.
            ``(2) Person.--The term `person' means any individual, 
        partnership, corporation, trust, estate, cooperative, 
        association, or any other entity.
            ``(3) Purchase.--The term `purchase' means providing 
        directly or indirectly, anything of value in exchange for a 
        Social Security number.
            ``(4) Sale.--The term `sale' means obtaining, directly or 
        indirectly, anything of value in exchange for a Social Security 
        number.
            ``(5) State.--The term `State' means any State of the 
        United States, the District of Columbia, Puerto Rico, the 
        Northern Mariana Islands, the United States Virgin Islands, 
        Guam, American Samoa, and any territory or possession of the 
        United States.
    ``(b) Limitation on Display.--No person may display any 
individual's Social Security number to the general public without the 
affirmatively expressed consent of the individual.
    ``(c) Limitation on Sale or Purchase.--Except as otherwise provided 
in this section, no person may sell or purchase any individual's Social 
Security number without the affirmatively expressed consent of the 
individual.
    ``(d) Prerequisites for Consent.--In order for consent to exist 
under subsection (b) or (c), the person displaying or seeking to 
display, selling or attempting to sell, or purchasing or attempting to 
purchase, an individual's Social Security number shall--
            ``(1) inform the individual of the general purpose for 
        which the number will be used, the types of persons to whom the 
        number may be available, and the scope of transactions 
        permitted by the consent; and
            ``(2) obtain the affirmatively expressed consent 
        (electronically or in writing) of the individual.
    ``(e) Exceptions.--Nothing in this section shall be construed to 
prohibit or limit the display, sale, or purchase of a Social Security 
number--
            ``(1) required, authorized, or excepted under any Federal 
        law;
            ``(2) for a public health purpose, including the protection 
        of the health or safety of an individual in an emergency 
        situation;
            ``(3) for a national security purpose;
            ``(4) for a law enforcement purpose, including the 
        investigation of fraud and the enforcement of a child support 
        obligation;
            ``(5) if the display, sale, or purchase of the number is 
        for a use occurring as a result of an interaction between 
        businesses, governments, or business and government (regardless 
        of which entity initiates the interaction), including, but not 
        limited to--
                    ``(A) the prevention of fraud (including fraud in 
                protecting an employee's right to employment benefits);
                    ``(B) the facilitation of credit checks or the 
                facilitation of background checks of employees, 
                prospective employees, or volunteers;
                    ``(C) the retrieval of other information from other 
                businesses, commercial enterprises, government 
                entities, or private nonprofit organizations; or
                    ``(D) when the transmission of the number is 
                incidental to, and in the course of, the sale, lease, 
                franchising, or merger of all, or a portion of, a 
                business;
            ``(6) if the transfer of such a number is part of a data 
        matching program involving a Federal, State, or local agency; 
        or
            ``(7) if such number is required to be submitted as part of 
        the process for applying for any type of Federal, State, or 
        local government benefit or program;
except that, nothing in this subsection shall be construed as 
permitting a professional or commercial user to display or sell a 
Social Security number to the general public.
    ``(f) Limitation.--Nothing in this section shall prohibit or limit 
the display, sale, or purchase of Social Security numbers as permitted 
under title V of the Gramm-Leach-Bliley Act, or for the purpose of 
affiliate sharing as permitted under the Fair Credit Reporting Act, 
except that no entity regulated under such Acts may make Social 
Security numbers available to the general public, as may be determined 
by the appropriate regulators under such Acts. For purposes of this 
subsection, the general public shall not include affiliates or 
unaffiliated third-party business entities as may be defined by the 
appropriate regulators.''.
            (2) Conforming amendment.--The chapter analysis for chapter 
        47 of title 18, United States Code, is amended by inserting 
        after the item relating to section 1028 the following:

``1028B. Prohibition of the display, sale, or purchase of Social 
                            Security numbers.''.
    (b) Study; Report.--
            (1) In general.--The Attorney General shall conduct a study 
        and prepare a report on all of the uses of Social Security 
        numbers permitted, required, authorized, or excepted under any 
        Federal law. The report shall include a detailed description of 
        the uses allowed as of the date of enactment of this Act, the 
        impact of such uses on privacy and data security, and shall 
        evaluate whether such uses should be continued or discontinued 
        by appropriate legislative action.
            (2) Report.--Not later than 1 year after the date of 
        enactment of this Act, the Attorney General shall report to 
        Congress findings under this subsection. The report shall 
        include such recommendations for legislation based on criteria 
        the Attorney General determines to be appropriate.
    (c) Effective Date.--The amendments made by this section shall take 
effect on the date that is 30 days after the date on which the final 
regulations promulgated under section 5 are published in the Federal 
Register.

SEC. 304. CRIMINAL PENALTIES FOR THE MISUSE OF A SOCIAL SECURITY 
              NUMBER.

    (a) Prohibition of Wrongful Use as Personal Identification 
Number.--No person may obtain any individual's Social Security number 
for purposes of locating or identifying an individual with the intent 
to physically injure, harm, or use the identity of the individual for 
any illegal purpose.
    (b) Criminal Sanctions.--Section 208(a) of the Social Security Act 
(42 U.S.C. 408(a)) is amended--
            (1) in paragraph (8), by inserting ``or'' after the 
        semicolon; and
            (2) by inserting after paragraph (8) the following:
            ``(9) except as provided in subsections (e) and (f) of 
        section 1028B of title 18, United States Code, knowingly and 
        willfully displays, sells, or purchases (as those terms are 
        defined in section 1028B(a) of title 18, United States Code) 
        any individual's Social Security account number without having 
        met the prerequisites for consent under section 1028B(d) of 
        title 18, United States Code; or
            ``(10) obtains any individual's Social Security number for 
        the purpose of locating or identifying the individual with the 
        intent to injure or to harm that individual, or to use the 
        identity of that individual for an illegal purpose;''.

SEC. 305. CIVIL ACTIONS AND CIVIL PENALTIES.

    (a) Civil Action in State Courts.--
            (1) In general.--Any individual aggrieved by an act of any 
        person in violation of this Act or any amendments made by this 
        Act may, if otherwise permitted by the laws or rules of the 
        court of a State, bring in an appropriate court of that State--
                    (A) an action to enjoin such violation;
                    (B) an action to recover for actual monetary loss 
                from such a violation, or to receive up to $500 in 
                damages for each such violation, whichever is greater; 
                or
                    (C) both such actions.
        It shall be an affirmative defense in any action brought under 
        this paragraph that the defendant has established and 
        implemented, with due care, reasonable practices and procedures 
        to effectively prevent violations of the regulations prescribed 
        under this Act. If the court finds that the defendant willfully 
        or knowingly violated the regulations prescribed under this 
        subsection, the court may, in its discretion, increase the 
        amount of the award to an amount equal to not more than 3 times 
        the amount available under subparagraph (B).
            (2) Statute of limitations.--An action may be commenced 
        under this subsection not later than the earlier of--
                    (A) 5 years after the date on which the alleged 
                violation occurred; or
                    (B) 3 years after the date on which the alleged 
                violation was or should have been reasonably discovered 
                by the aggrieved individual.
            (3) Nonexclusive remedy.--The remedy provided under this 
        subsection shall be in addition to any other remedies available 
        to the individual.
    (b) Civil Penalties.--
            (1) In general.--Any person who the Attorney General 
        determines has violated any section of this Act or of any 
        amendments made by this Act shall be subject, in addition to 
        any other penalties that may be prescribed by law--
                    (A) to a civil penalty of not more than $5,000 for 
                each such violation; and
                    (B) to a civil penalty of not more than $50,000, if 
                the violations have occurred with such frequency as to 
                constitute a general business practice.
            (2) Determination of violations.--Any willful violation 
        committed contemporaneously with respect to the Social Security 
        numbers of 2 or more individuals by means of mail, 
        telecommunication, or otherwise, shall be treated as a separate 
        violation with respect to each such individual.
            (3) Enforcement procedures.--The provisions of section 
        1128A of the Social Security Act (42 U.S.C. 1320a-7a), other 
        than subsections (a), (b), (f), (h), (i), (j), (m), and (n) and 
        the first sentence of subsection (c) of such section, and the 
        provisions of subsections (d) and (e) of section 205 of such 
        Act (42 U.S.C. 405) shall apply to a civil penalty action under 
        this subsection in the same manner as such provisions apply to 
        a penalty or proceeding under section 1128A(a) of such Act (42 
        U.S.C. 1320a-7a(a)), except that, for purposes of this 
        paragraph, any reference in section 1128A of such Act (42 
        U.S.C. 1320a-7a) to the Secretary shall be deemed to be a 
        reference to the Attorney General.

  TITLE IV--STRENGTHENING LAWS AND IMPROVING ENFORCEMENT AGAINST TAX-
                         RELATED IDENTITY THEFT

SEC. 401. CRIMINAL PENALTY FOR USING A FALSE IDENTITY IN CONNECTION 
              WITH TAX FRAUD.

    (a) In General.--Section 7206 of the Internal Revenue Code of 1986 
is amended--
            (1) by striking ``Any person'' and inserting the following:
    ``(a) In General.--Any person'', and
            (2) by adding at the end the following new subsection:
    ``(b) Use of False Identity.--Any person who willfully 
misappropriates another person's taxpayer identity (as defined in 
section 6103(b)(6)) for the purpose of making any list, return, 
account, statement, or other document submitted to the Secretary under 
the provisions of this title shall be guilty of a felony and, upon 
conviction thereof, shall be fined not more than $250,000 ($500,000 in 
the case of a corporation) or imprisoned not more than 5 years, or 
both, together with the costs of prosecution.''.
    (b) Aggravated Identity Theft.--Section 1028A(c) of title 18, 
United States Code, is amended by striking ``or'' at the end of 
paragraph (10), by striking the period at the end of paragraph (11) and 
inserting ``; or'', and by adding at the end the following new 
paragraph:
            ``(12) section 7206(b) of the Internal Revenue Code of 1986 
        (relating to use of false identity in connection with tax 
        fraud).''.
    (c) Effective Date.--The amendments made by this section shall 
apply to offenses committed after the date of the enactment of this 
Act.

SEC. 402. INCREASED PENALTY FOR IMPROPER DISCLOSURE OR USE OF 
              INFORMATION BY PREPARERS OF RETURNS.

    (a) In General.--Section 6713(a) of the Internal Revenue Code of 
1986 is amended--
            (1) by striking ``$250'' and inserting ``$1,000'', and
            (2) by striking ``$10,000'' and inserting ``$50,000''.
    (b) Criminal Penalty.--Section 7216(a) of the Internal Revenue Code 
of 1986 is amended by striking ``$1,000'' and inserting ``$100,000''.
    (c) Effective Date.--The amendments made by this section shall 
apply to disclosures or uses after the date of the enactment of this 
Act.

SEC. 403. AUTHORITY TO TRANSFER INTERNAL REVENUE SERVICE APPROPRIATIONS 
              TO USE FOR TAX FRAUD ENFORCEMENT.

    For any fiscal year, the Commissioner of Internal Revenue may 
transfer not more than $10,000,000 to the ``Enforcement'' account of 
the Internal Revenue Service from amounts appropriated to other 
Internal Revenue Service accounts. Any amounts so transferred shall be 
used solely for the purposes of preventing and resolving potential 
cases of tax fraud.

SEC. 404. LOCAL LAW ENFORCEMENT LIAISON.

    (a) Establishment.--The Commissioner of Internal Revenue shall 
establish within the Criminal Investigation Division of the Internal 
Revenue Service the position of Local Law Enforcement Liaison.
    (b) Duties.--The Local Law Enforcement Liaison shall serve as the 
primary source of contact for State and local law enforcement 
authorities with respect to tax-related identity theft and other tax 
fraud matters, having duties that shall include--
            (1) receiving information from State and local law 
        enforcement authorities;
            (2) responding to inquiries from State and local law 
        enforcement authorities;
            (3) administering authorized information-sharing 
        initiatives with State or local law enforcement authorities and 
        reviewing the performance of such initiatives;
            (4) ensuring any information provided through authorized 
        information-sharing initiatives with State or local law 
        enforcement authorities is used only for the prosecution of 
        identity theft-related crimes and not re-disclosed to third 
        parties; and
            (5) any other duties as delegated by the Commissioner of 
        Internal Revenue.

    TITLE V--ACCELERATING TRANSITION TO A REAL-TIME TAX SYSTEM THAT 
                  PROTECTS TAXPAYERS AND REDUCES FRAUD

SEC. 501. IMPROVEMENT IN ACCESS TO INFORMATION IN THE NATIONAL 
              DIRECTORY OF NEW HIRES FOR TAX ADMINISTRATION PURPOSES.

    (a) In General.--Paragraph (3) of section 453(i) of the Social 
Security Act (42 U.S.C. 653(i)) is amended to read as follows:
            ``(3) Administration of federal tax laws.--The Secretary of 
        the Treasury shall have access to the information in the 
        National Directory of New Hires for purposes of administering 
        the Internal Revenue Code of 1986.''.
    (b) Effective Date.--The amendment made by this section shall take 
effect on the date of the enactment of this Act.

SEC. 502. PLAN OF ACTION FOR TRANSITIONING TO A REAL-TIME TAX SYSTEM.

    Not later than 270 days after the date of enactment of this Act, 
the Secretary of the Treasury, or the Secretary's delegate, shall 
submit to Congress a report analyzing and outlining options and 
potential timelines for moving toward a tax system that reduces burdens 
on taxpayers and decreases tax fraud through real-time information 
matching.
                                 <all>