Legal Action Was Initiated by Parker Waichman LLP Against H&R Block, Inc., HRB Digital LLC, and HRB Tax Group, Inc., For the Alleged Unlawful Disclosure Of Sensitive Tax Return Information.
In Port Washington, New York, Parker Waichman LLP, a national civil litigation law firm, has filed a class action lawsuit against H&R Block, Inc., HRB Digital LLC, and HRB Tax Group, Inc. Parker Waichman LLP, on behalf of their client, alleges that these defendants violated state and federal laws by unlawfully disclosing, disseminating, transmitting, and/or releasing putative class Plaintiffs’ confidential tax return information (known as “TRI”) with major, third-party tech companies like Facebook/Meta and Google. The lawsuit was filed in the United States District Court, Eastern District of New York on July 14, 2023, with the case number 2:23-cv-05363. This national class action seeks to recover actual and potential future damages caused by the defendants’ unlawful exposure of the plaintiffs’ and prospective class members’ confidential tax return information.
The filed complaint states that “[i]n or around 2022, H&R Block, along with other major tax preparation software companies, was the subject of an investigation by The Markup, which revealed that H&R Block had been unlawfully utilizing pixels to disclose, disseminate, transmit, and/or release confidential TRI to major tech companies, including Meta and Google.”
Raymond C. Silverman, a Partner at Parker Waichman, noted, “[t]he abhorrent actions by H&R Block and other tax preparation companies in surreptitiously sharing their customers’ sensitive personal and financial information is a gross betrayal to those people who utilized these services under the mistaken belief that their information would remain private. Parker Waichman is dedicated to protecting the rights of consumers when they are wronged by corporations who are only thinking about their bottom line to the detriment of every day Americans.”
A Congressional Report Discloses Inappropriate Handling of Taxpayers’ Data by Tax Prep Firms
The controversial sharing of millions of taxpayers’ financial data by leading tax preparation companies, including H&R Block, was brought to light in a Congressional report, instigated by an investigative report from The Markup.
The investigation we published last November unveiled that tax filing services such as H&R Block, TaxAct, and TaxSlayer were supplying data to Meta, Facebook’s parent company, via a tool named the Meta Pixel. The information, including personal details like names, income, filing status, and refund amounts, was shared as taxpayers filed their returns. Google, another subject of the Congressional investigation, also received some data through its analytics tools.
Informed by discussions with representatives from Meta, Google, and major tax preparation services, today’s report validates The Markup’s findings, rebuking tax companies for their “shockingly careless handling of taxpayer data” and tech firms for their “startling disregard for taxpayer privacy.”
The congressional report concluded that without fully grasping how tax data might be gathered and utilized, the tax prep companies implemented tracking tools from Meta and Google on their websites. It found these companies to be “still largely oblivious about the current status of millions of taxpayers’ data.”
Tax data falls under strict regulations, with unlawful sharing attracting penalties, including fines and imprisonment. The congressional report deduced that the companies in question likely failed to gain appropriate consent to distribute the data and could be subject to such penalties.
The report was submitted to various federal enforcement agencies by lawmakers, accompanied by a letter urging the investigation and prosecution of any company or individual guilty of breaking the law. Agencies contacted include the Internal Revenue Service, the Treasury Inspector General for Tax Administration, the Department of Justice, and the Federal Trade Commission.
Meta, H&R Block, and TaxSlayer did not immediately respond to requests for comments. Angela Krieger, Google’s spokesperson, noted that the company has “strict policies and technical features” to prevent Google Analytics users from gathering sensitive data, stating that it is the responsibility of site owners to supervise the information they accumulate.
Dermot Halpin, executive chair of TaxAct, stated in a post-publication email that the company cooperated with Warren’s team and had deactivated the “standard analytics tools” to evaluate concerns. He said, “[p]reserving the rights and privacy of our customers is our top priority, and we are dedicated to working with stakeholders to address any concerns and to contribute towards public policy advancements.”
Apart from the FTC, which declined to comment, the government enforcement agencies that received the letter did not respond to a comment request.
The Meta Pixel, a popular tracking code that businesses and organizations can install on their websites to optimize Facebook ads, records visitor information and sends it back to Facebook. This information aids companies in personalizing ads. For instance, a company could place a pixel on their checkout page to advertise new products to past customers on Facebook.
Although this code is deployed on millions of sites worldwide, Meta warns against using it to gather potentially sensitive data, such as financial and health details. Regardless, as part of the ‘Pixel Hunt’ project, The Markup discovered several instances where sensitive data, including from significant hospitals, telehealth companies, and the U.S. Department of Education, had been consistently shared with Meta.
While Meta professes to have automated filters for sensitive data, the lawmakers’ report argues these safeguards are “painfully insufficient” and appear to exist solely to provide “a smidgen of deniability.” According to the report, Meta informed the congressional staff that notifications were sent to tax prep companies about the data following The Markup’s request for comment. However, the tax prep companies claimed they never received these notifications.
The report also mentioned that tax prep companies contacted Meta several times post-publication of The Markup’s article to inquire about the final status of their customers’ data but left without a satisfactory response.
In one instance, as per remarks from TaxSlayer given to lawmakers, a Meta advertising representative specifically suggested using a feature to gather data on web visitors’ page views. TaxSlayer informed the lawmakers’ team that it was clueless about the extent of data collection.
Who Are the Potential Victims of Sharing, Transmitting, and/or Disseminating Confidential Tax Return Information?
The potential victims of disclosing, disseminating, transmitting, and/or releasing confidential tax return information are the clients of the entities involved in these alleged actions. In this context, those would be the customers of H&R Block, Inc., HRB Digital LLC, and HRB Tax Group, Inc., who used their tax preparation services.
Tax return information is highly sensitive and typically includes personally identifiable information (PII) such as social security numbers, home addresses, and income details, among other data. If shared unlawfully, individuals could face potential risks including identity theft, financial fraud, invasion of privacy, or even blackmail.
In a broader sense, anyone who uses a service to prepare and file their taxes could be at risk if the service provider does not properly protect or handle their data. Thus, this scenario underlines the importance of data security and proper handling of sensitive information by tax preparation services and similar entities.
What Types of Compensatory Damages Could a Victim Pursue in a Civil Lawsuit?
In a civil lawsuit, particularly one related to privacy breaches such as this case, victims can potentially pursue several types of compensatory damages. These are intended to restore the victim to the position they would have been in if the infringement had not occurred. Some types of compensatory damages they may seek include:
- Actual Damages: These include any direct financial losses the victim may have suffered as a result of the privacy breach. For instance, if the victim had to pay for credit monitoring services, any fees or losses related to identity theft, or even legal fees related to addressing the fallout from the breach.
- Consequential Damages: These are the indirect results of the privacy violation that can be proven to have occurred because of the incident. This could include lost wages from time taken off work to deal with the breach, or future financial losses stemming from a damaged credit score.
- Non-economic Damages: These refer to compensation for intangible harms, such as emotional distress, pain and suffering, damage to reputation, or loss of privacy. In a case of data breach, this could cover the stress and anxiety caused by the breach, and the potential future impacts it could have on one’s personal and professional life.
- Punitive Damages: While not strictly compensatory, punitive damages are sometimes awarded in civil cases to punish the defendant for particularly egregious behavior and deter others from committing similar acts. Whether these damages are available typically depends on the specific laws of the jurisdiction.
- Restitution: This is meant to restore the victim to the position they were in before the violation. It may include costs associated with identity theft protection, credit repair services, or any other services the victims needed to protect themselves after the breach.
It’s important to note that the types of damages that can be pursued and the criteria for awarding them can vary widely by jurisdiction and the specifics of the case. A lawyer or legal expert would be best suited to provide advice tailored to a specific situation.
Why File A Lawsuit if You Are a Victim?
Filing a lawsuit after being a victim of an incident such as a data breach or privacy violation is a significant step that can serve multiple purposes:
- Compensation: As mentioned previously, victims can seek compensatory damages to offset any financial losses or emotional harm they’ve suffered as a result of the incident. This might include the costs of managing the breach (such as credit monitoring services), recovering from identity theft, or compensating for emotional distress.
- Injunction: A lawsuit could also lead to an injunction, a court order that requires the defendant to stop the harmful behavior. In this case, it could prevent the company from continuing to disclose clients’ tax return information without consent.
- Accountability: A lawsuit can hold the responsible party accountable for their actions. If a company or individual has acted negligently or inappropriately, a lawsuit can highlight this behavior and apply legal and financial penalties.
- Prevention: By holding the responsible party accountable, a lawsuit can deter them and others from similar behavior in the future. This is particularly important in cases involving data privacy, where breaches can have far-reaching implications for individuals’ security and privacy.
- Justice: For many, the act of filing a lawsuit is a matter of principle. They feel that they have been wronged and wish to seek justice through the legal system.
It’s important to understand that filing a lawsuit is a major decision that should be made after consulting with a legal professional. Lawsuits can be expensive and time-consuming, and the outcome is never guaranteed. However, in many situations, it can be a crucial step in addressing a wrong and seeking justice.
Why Parker Waichman LLP is a Top-rated National Law Firm
Parker Waichman LLP has been recognized as a top-rated national law firm due to several reasons:
- Experience and Expertise: Parker Waichman LLP has accumulated vast experience over the years in various areas of law, including personal injury, mass torts, and class action lawsuits. Their breadth of knowledge and expertise often leads to successful outcomes in their cases.
- Proven Track Record: The firm has a strong track record of securing high-value settlements and verdicts for their clients. This has solidified their reputation as a successful litigator in the eyes of peers, clients, and the judiciary.
- Client Satisfaction: Parker Waichman LLP is known for its commitment to providing exceptional client service. They have consistently received positive feedback and high ratings from clients for their professionalism, responsiveness, and compassionate handling of cases.
- Recognition by Peers: The firm and its attorneys have received numerous accolades from professional organizations, further enhancing their standing in the legal community. They’ve been recognized by their peers for their excellence in legal services and their commitment to ethical standards.
- Advocacy for Victims’ Rights: Parker Waichman LLP has been particularly lauded for their advocacy for victims’ rights, representing individuals who have been injured or wronged by large corporations, medical entities, or other negligent parties.
- National Presence: As a national law firm, Parker Waichman LLP has the capacity to handle complex and multi-jurisdictional cases, which can be a significant advantage in class action suits or suits against large corporations.
For the most current and comprehensive information, consider calling Parker Waichman LLP at 1-800-YOUR-LAWYER (1-800-968-7529) or consult our About Us page.
CONTACT PARKER WAICHMAN LLP FOR A FREE CASE REVIEW
Parker Waichman LLP helps families recover monetary compensation for harm caused by the negligent or illegal acts of corporations. For your free consultation, contact our national law firm today by using our live chat or calling 1-800-YOUR-LAWYER (1-800-968-7529).
New York | Brooklyn | Queens | Long Island | New Jersey | Florida
Call us at: 1-800-YOURLAWYER (800-968-7529) | Schedule your free consultation