The Treasury watchdog responsible for overseeing the Internal Revenue Service published its first comprehensive review of a 2025 agreement that let the agency hand immigrants’ tax-record addresses to Immigration and Customs Enforcement. The June 8, 2026 report by the Treasury Inspector General for Tax Administration, or TIGTA, did not allege a crime or name a wrongdoer. It said something narrower and, for the roughly 47,000 people whose information the IRS transferred, more unsettling: the IRS’s automated process for matching ICE’s requests against tax records was flawed, and the inspector general could not confirm that ICE is now protecting the data it received.

That finding lands on top of a legal fight that has already produced two seemingly opposed results — an appeals court that allowed the data sharing to continue, and a trial judge who found the IRS violated federal privacy law tens of thousands of times in carrying it out. How many of the records ICE obtained were matched in error, whether the agency can safeguard them, and whether the program squares with one of the strictest confidentiality statutes in the federal code are questions that the watchdog, the courts, and Congress have not resolved.

This is an Open Questions piece. It records what the inspector general documented, what the courts have actually held, what officials have said on the record, and what remains genuinely unsettled. It does not allege that any individual broke the law, and it does not adopt either side’s characterization as fact.

What Is Confirmed

On April 7, 2025, the IRS and the Department of Homeland Security signed a Memorandum of Understanding establishing procedures to share information for the enforcement of criminal immigration laws. The agreement was signed by Treasury Secretary Scott Bessent and Homeland Security Secretary Kristi Noem, and its existence and terms became public through declarations filed in litigation, as documented by the Economic Policy Institute and the Congressional Research Service.

Under the arrangement, ICE could submit names and last-known addresses of people it was investigating to the IRS for cross-verification against tax records. According to a court declaration by Dottie Romo, the IRS’s chief risk and control officer, ICE ultimately requested information on roughly 1.28 million people, and the IRS provided last-known addresses for about 47,000 of them — figures reported by the Associated Press and Al Jazeera.

The June 2026 TIGTA report confirmed those scale figures and added operational findings. The inspector general concluded that inconsistent formatting in ICE’s data and the IRS’s matching criteria produced errors, including cases where incomplete or inaccurate addresses were treated as valid matches. TIGTA’s central caution, as quoted by the AP, was conditional rather than accusatory: “Without assurance that findings have been mitigated, there is a potential risk that ICE could fail to properly safeguard taxpayer data received from the IRS under the data-sharing agreement.” Deputy Inspector General Nancy A. LaManna said the report made no formal recommendations but that the office planned to share some of its concerns with the DHS Office of Inspector General, according to Bloomberg Law.

The statute at the center of the dispute is Internal Revenue Code Section 6103, which generally bars the IRS from disclosing taxpayer return information and carries criminal and civil penalties for violations. The government’s legal position rests on an exception, Section 6103(i), which permits disclosure of certain information to federal agencies for use in non-tax criminal investigations when statutory requirements are met.

Where the Accounts Diverge

The disagreement is not mainly about what happened — the scale figures and the existence of matching errors are largely settled — but about what those facts mean.

The government maintains that the program is lawful. As summarized by the Congressional Research Service and reported by FedScoop, federal lawyers argued that Section 6103(i)(2) authorizes the IRS to provide taxpayer address information to ICE for criminal investigations, that the MOU requires each ICE request to conform to statutory requirements, and that the IRS reviews each request for completeness and validity. On the security findings, ICE submitted a corrective action plan after the review, though TIGTA noted it did not include an implementation date.

The U.S. Court of Appeals for the D.C. Circuit largely accepted the government’s legal framing. In a February 24, 2026 decision in Centro de Trabajadores Unidos v. Bessent, No. 25-5181, the panel affirmed a lower-court denial of a preliminary injunction, holding that the challengers likely had standing but were unlikely to succeed on the merits. The court reasoned that last-known addresses can be disclosed under Section 6103 because, in its reading, they are not the kind of “return information” the statute’s core confidentiality rule protects in the same way.

The trial court reached a finding that cut the other way on execution. On February 26, 2026, U.S. District Judge Colleen Kollar-Kotelly — the same judge who had earlier declined to halt the program — found that the IRS violated Section 6103 “approximately 42,695 times by disclosing last known taxpayer addresses to ICE,” according to the AP, Al Jazeera, and Tax Notes. The distinction matters: a framework can be lawful in the abstract while the way it was carried out is not. The judge’s finding focused on disclosures the IRS made even where ICE’s requests were, in the court’s description, deficient under the statute’s requirements.

Senate Finance Committee ranking member Ron Wyden, an Oregon Democrat, cast the ruling in sharply political terms. “From the outset it was obvious the Trump administration’s scheme to leak IRS data to its ICE deportation machine would violate the law,” Wyden said in a February 26 statement, adding that everyone involved in the data sharing should “save their records and be ready for the criminal investigations and lawsuits headed their way.” That is the characterization of a political opponent of the program, not a court finding; no criminal charges have been reported in connection with the agreement.

The dispute unfolds against the administration’s broader expansion of immigration enforcement, including the $70 billion in new funding Congress recently approved for ICE and a policy shift requiring most green-card applicants to apply from abroad.

The Timeline

  • April 7, 2025 — The IRS and DHS sign the Memorandum of Understanding, signed by Treasury Secretary Bessent and Homeland Security Secretary Noem, allowing address cross-verification for criminal immigration enforcement.
  • 2025 — Immigrant-serving organizations, including Centro de Trabajadores Unidos and Immigrant Solidarity DuPage, sue Treasury Secretary Bessent in the U.S. District Court for the District of Columbia (No. 1:25-cv-00677), arguing the deal violates taxpayer confidentiality. The district court denies their request for a preliminary injunction.
  • February 24, 2026 — The D.C. Circuit affirms the denial of the preliminary injunction, holding the challengers are unlikely to succeed on the merits because Section 6103(i)(2) authorizes the address disclosures.
  • February 26, 2026 — Judge Kollar-Kotelly finds the IRS violated Section 6103 approximately 42,695 times in executing the agreement, citing the Romo declaration that the IRS turned over data on about 47,000 of the 1.28 million people ICE asked about. Senators Wyden and Alex Padilla issue statements.
  • March 5, 2026 — The district court orders the case stayed pending the D.C. Circuit’s decision in a related case involving the Center for Taxpayer Rights, with a status report to follow.
  • June 8, 2026 — TIGTA publishes its review, finding flawed matching and unconfirmed safeguards, and says it will share concerns with the DHS inspector general.

What Remains Unknown

  • How many of the roughly 47,000 records were matched in error. TIGTA documented that the matching process produced questionable matches but the report, as described in available reporting, does not quantify a definitive error rate.
  • Whether ICE is now safeguarding the data. The inspector general said it could not provide that assurance, and that ICE’s corrective action plan lacked an implementation date.
  • Whether the program is ultimately lawful. The appellate court predicted the challengers would lose, but that was a preliminary-injunction posture, not a final merits judgment; the district court separately found the execution violated the statute. The two holdings have not been reconciled by a final ruling.
  • What happens to people whose addresses were shared in error. Neither the courts nor the watchdog has publicly detailed remedies for individuals misidentified through the flawed matching.
  • What the DHS inspector general will do with the concerns TIGTA said it would refer.

What Comes Next

The litigation remains live. As of March 5, 2026, Centro de Trabajadores Unidos v. Bessent was stayed in the district court pending the D.C. Circuit’s resolution of a related case brought by the Center for Taxpayer Rights, with the parties directed to file a status report once that decision issues. The outcome of that related appeal — and any further proceedings on Judge Kollar-Kotelly’s finding of past violations — will shape whether the program continues, is narrowed, or is halted.

On the operational side, the next concrete marker is whether ICE provides TIGTA and the public an implementation date and evidence that the matching and safeguarding deficiencies have been corrected, and whether the DHS Office of Inspector General opens its own review of the concerns TIGTA said it would refer. Congress, where members of both parties have demanded answers from Treasury about the agreement, could also press for the underlying TIGTA findings or hold further oversight hearings.

What is confirmed is that the IRS transferred about 47,000 taxpayers’ last-known addresses to ICE under a 2025 agreement; that a federal judge found the agency violated Section 6103 roughly 42,695 times in doing so; that an appeals court allowed the underlying program to continue; and that the Treasury’s own tax watchdog now says it cannot confirm the data is being protected. What is not confirmed — and what the courts, the inspector general, and Congress have left open — is whether the deal can be both lawful and secure, and what is owed to the people whose information moved between the two agencies before any of those questions were answered.

Sources 10 cited · 5 primary

  1. A watchdog report flags security risks in the IRS-ICE taxpayer data-sharing dealAssociated Press via ABC NewsJun 8, 2026
  2. IRS Data Sharing Deal With ICE Failed to Meet Set SafeguardsBloomberg LawJun 8, 2026
  3. IRS broke the law by disclosing confidential information to ICE 42,695 times: JudgeAssociated Press via ABC NewsFeb 26, 2026
  4. Centro de Trabajadores Unidos v. Bessent, No. 25-5181 (D.C. Cir. Feb. 24, 2026)primaryU.S. Court of Appeals for the D.C. CircuitFeb 24, 2026
  5. Wyden Statement on Judge's Ruling that IRS-ICE Data Sharing Violated Taxpayer Privacy LawsprimaryU.S. Senate Committee on FinanceFeb 26, 2026
  6. Centro de Trabajadores Unidos v. Bessent: D.C. Circuit Considers IRS-ICE Information-Sharing Agreement (CRS Legal Sidebar LSB11359)primaryCongressional Research Service
  7. Updates on Litigation over the IRS-ICE Information-Sharing Agreement (CRS Legal Sidebar LSB11413)primaryCongressional Research Service
  8. Centro de Trabajadores Unidos v. Bessent, 1:25-cv-00677 (D.D.C.) — docketprimaryCourtListener
  9. US tax agency broke privacy law 'approximately 42,695 times', judge saysAl JazeeraFeb 27, 2026
  10. ICE and IRS reach agreement to share taxpayer information of suspected undocumented immigrantsEconomic Policy Institute

American Courant cites its sources and links to primary documents where they exist. How we report →