Nonprofit groups are assailing a proposed rule from the Internal Revenue Service, warning the regulations could dry up donations and leave them vulnerable to hacking.
The IRS is proposing new requirements for nonprofits to collect the Social Security numbers of their donors.
Currently, nonprofits send donors a form verifying their contributions, which they use for tax purposes. However, the IRS is proposing changes that would require these nonprofits to collect their donors' SSNs to provide directly to the agency.
But this could put a bull’s-eye on nonprofits, critics say.
Nonprofits say they do not have the resources to protect that sort of sensitive information from hackers. They reason that if federal agencies and big financial corporations cannot even stop hackers, how could nonprofits?
The hackers could also go directly after the donors by calling and claiming to work for the nonprofit.
"Look at the fact that the IRS itself got hacked,” said Tim Delaney, president and CEO of the National Council of Nonprofits.
Nonprofits are scrambling to warn the IRS against adopting the proposed rule. The comment period closes Wednesday.
So far, the IRS has received more than 34,000 comments on the rule.
The proposed requirements fly in the face of conventional wisdom, nonprofits say.
“Law enforcement consistently advise Americans not to disclose their Social Security Numbers,” Delaney said. “When people have your Social Security Number, your name, and your address, it’s very easy to then steal your identity.”
Delaney believes the rules could dry up donations. If donors are afraid their personal information is vulnerable to hackers, they may stop giving.
“It has an immediate chilling effect on contributions, because people will not give as often,” Delaney said.