Protecting Americans’ Privacy Act of 2025
- Bill Number
- S. 490
- Origin Chamber
- Senate
- Congress
- 119th Congress, Session 1
- Policy Area
- Taxation
- Status
- Introduced
- Latest Action
- 2025-02-06: Read twice and referred to the Committee on Finance. (text: CR S796-797)
- Last Updated
- 2025-05-13T15:24:59Z
AI-Generated Summary
Purpose
The Protecting Americans' Privacy Act of 2025 aims to safeguard sensitive financial and tax information by prohibiting unauthorized access to the central payment systems managed by the Bureau of the Fiscal Service (part of the U.S. Department of the Treasury). These systems handle public money receipts and payments, including tax-related data. The legislation seeks to prevent misuse by restricting access to qualified, long-term federal personnel without conflicts of interest, while providing civil remedies for violations.
Key Provisions
- Prohibitions on Access (Section 2):
- It is unlawful for individuals to knowingly access or control Treasury payment systems if they are:
- Not a federal employee or a federal contractor with at least one year of continuous service.
- A federal employee in a high-level role (e.g., CEO, CFO) at a "covered entity" (broadly defined as corporations, companies, nonprofits, or similar organizations), serving on such an entity's board, controlling it, or with less than one year in civil service.
- A "covered employee" (e.g., noncareer appointees, special government employees) with a conflict of interest under federal ethics laws or without a signed ethics agreement.
- It is also unlawful to facilitate or permit such access if known to violate the rules.
- Definitions include "control" (e.g., owning >50% voting shares or influencing management), "covered employee" (high-level non-merit appointees), and "federal contractor" (non-employees working under agency contracts).
- Civil Enforcement (Section 2):
- Individuals harmed by violations can sue in federal or state court for:
- Equitable relief (e.g., injunctions or declarations).
- Damages: The greater of actual losses or $250,000 per unauthorized access related to the plaintiff.
- Punitive damages if appropriate.
- Attorney's fees and litigation costs.
- Violators under direct access and facilitation rules are jointly liable for related breaches.
- Amendments to Tax Privacy Laws (Section 3):
- Adds to Internal Revenue Code (IRC) Section 6103: Prohibits disclosing tax returns or related information via Treasury payment systems to restricted individuals (as defined in Section 2).
- Amends IRC Section 7431: Allows taxpayers to sue for unauthorized inspection or disclosure by restricted individuals, with minimum damages of $250,000 (replacing the prior $1,000 minimum for such cases).
- Explicitly states no impact on the legality of prior actions.
- General Notes:
- The law does not imply anything about the legality of actions before its enactment.
Significant Changes to Existing Law
- New Access Restrictions: Introduces specific federal prohibitions on who can access Treasury payment systems, building on but expanding existing ethics rules (e.g., 18 U.S.C. § 208 on conflicts of interest) to cover short-term or conflicted personnel explicitly.
- Tax Code Enhancements: Modifies IRC § 6103 to block system-based disclosure of tax data to certain users, a novel integration of payment system access with tax privacy. It also raises civil damages under IRC § 7431 for these violations, increasing penalties from $1,000 to $250,000 minimum and adding negligence-based liability.
- Private Right of Action: Creates a broad civil lawsuit mechanism outside the tax code for payment system breaches, allowing harmed parties (beyond just taxpayers) to seek substantial remedies, which was not previously available in this form.
Potential Impacts
- On Government Agencies: The Department of the Treasury and Bureau of the Fiscal Service must implement stricter access controls, ethics agreements, and monitoring, potentially increasing administrative costs but enhancing system security and reducing insider threats.
- On Citizens: Taxpayers and others with financial data in federal systems gain stronger privacy protections, with easier access to remedies for breaches, which could deter misuse and build public trust in government handling of personal information.
- On International Relations: No direct impacts, as the bill focuses on domestic federal operations.
- Broader Effects: May lead to fewer unauthorized data accesses, but could complicate hiring short-term experts or political appointees, slowing operations in high-turnover roles.
Main Stakeholders Affected
- Federal Employees and Contractors: Restricted access for short-term, noncareer, or conflicted individuals; requires ethics compliance for system use.
- Taxpayers and Individuals: Benefit from protected tax and payment data; can pursue civil claims if harmed.
- Department of the Treasury and Bureau of the Fiscal Service: Responsible for enforcing access rules and integrating with tax privacy laws.
- Covered Entities: Businesses, nonprofits, or organizations with federal ties may face indirect limits if their executives or board members are federal employees.
- Courts and Litigants: Increased potential for civil lawsuits related to data privacy violations.
Notable Legal, Constitutional, or Political Implications
- Legal Implications: Strengthens enforcement of data privacy through civil penalties and private lawsuits, potentially increasing litigation over federal ethics and access issues. It harmonizes payment systems with tax confidentiality rules, closing perceived gaps in unauthorized inspection remedies.
- Constitutional Implications: Aligns with privacy rights under the Fourth Amendment (protection against unreasonable searches) and due process, by limiting government insiders' access to sensitive personal data without clear justification. No apparent conflicts with free speech or other rights.
- Political Implications: Targets potential conflicts in political appointees or short-term officials, promoting ethics in federal finance handling. As a bipartisan committee referral (introduced by Senate Democrats), it reflects concerns over data security in government, possibly responding to recent breaches or turnover in administration roles, without altering criminal penalties (focusing on civil accountability).
This summary was generated by AI and may contain inaccuracies. Refer to the official source document for the authoritative text.
Sponsor
Sen. Schumer, Charles E. [D-NY]
Cosponsors (5)
Sen. Wyden, Ron [D-OR], Sen. Warren, Elizabeth [D-MA], Sen. Peters, Gary C. [D-MI], Sen. Murray, Patty [D-WA], Sen. Warner, Mark R. [D-VA]
Recent Actions
- 2025-02-06: Read twice and referred to the Committee on Finance. (text: CR S796-797)
- 2025-02-06: Introduced in Senate
Bill Versions
- Protecting Americans’ Privacy Act of 2025 — issued 2025-02-06 — PDF (9 pages)