specified return information
(14) Disclosure of return information for purposes of cybersecurity and the prevention of identity theft tax refund fraud (A) In general Under such procedures and subject to such conditions as the Secretary may prescribe, the Secretary may disclose specified return information to specified ISAC participants to the extent that the Secretary determines such disclosure is in furtherance of effective Federal tax administration relating to the detection or prevention of identity theft tax refund fraud, validation of taxpayer identity, authentication of taxpayer returns, or detection or prevention of cybersecurity threats. (B) Specified ISAC participants For purposes of this paragraph— (i) In general The term “specified ISAC participant” means— (I) any person designated by the Secretary as having primary responsibility for a function performed with respect to the information sharing and analysis center described in section 2003(a) of the Taxpayer First Act, and (II) any person subject to the requirements of section 7216 and which is a participant in such information sharing and analysis center. (ii) Information sharing agreement Such term shall not include any person unless such person has entered into a written agreement with the Secretary setting forth the terms and conditions for the disclosure of information to such person under this paragraph, including requirements regarding the protection and safeguarding of such information by such person. (C) Specified return information For purposes of this paragraph, the term “specified return information” means— (i) in the case of a return which is in connection with a case of potential identity theft refund fraud— (I) in the case of such return filed electronically, the internet protocol address, device identification, email domain name, speed of completion, method of authentication, refund method, and such other return information related to the electronic filing characteristics of such return as the Secretary may identify for purposes of this subclause, and (II) in the case of such return prepared by a tax return preparer, identifying information with respect to such tax return preparer, including the preparer taxpayer identification number and electronic filer identification number of such preparer, (ii) in the case of a return which is in connection with a case of a identity theft refund fraud which has been confirmed by the Secretary (pursuant to such procedures as the Secretary may provide), the information referred to in subclauses (I) and (II) of clause (i), the name and taxpayer identification number of the taxpayer as it appears on the return, and any bank account and routing information provided for making a refund in connection with such return, and (iii) in the case of any cybersecurity threat to the Internal Revenue Service, information similar to the information described in subclauses (I) and (II) of clause (i) with respect to such threat. (D) Restriction on use of disclosed information (i) Designated third parties Any return information received by a person described in subparagraph (B)(i)(I) shall be used only for the purposes of and to the extent necessary in— (I) performing the function such person is designated to perform under such subparagraph, (II) facilitating disclosures authorized under subparagraph (A) to persons described in subparagraph (B)(i)(II), and (III) facilitating disclosures authorized under subsection (d) to participants in such information sharing and analysis center. (ii) Return preparers Any return information received by a person described in subparagraph (B)(i)(II) shall be treated for purposes of section 7216 as information furnished to such person for, or in connection with, the preparation of a return of the tax imposed under chapter 1. (E) Data protection and safeguards Return information disclosed under this paragraph shall be subject to such protections and safeguards as the Secretary may require in regulations or other guidance or in the written agreement referred to in subparagraph (B)(ii). Such written agreement shall include a requirement that any unauthorized access to information disclosed under this paragraph, and any breach of any system in which such information is held, be reported to the Treasury Inspector General for Tax Administration.