Unauthorized access to taxpayers data pointed out

Unauthorized access to taxpayers data pointed out

Karachi Tax Bar Association (KTBA) has pointed out unauthorized access to information of taxpayers by retired tax officials and privately hired persons.

The KTBA in a letter to the Chairman of Federal Board of Revenue (FBR) pointed out recent perturbing news of hacking of taxpayers’ data which is archived, held and managed by the FBR/PRAL for automation and integration of Federal and Provincial Taxes.

The tax bar recalled that only a couple of months ago, system-based notices were issued mechanically U/s. 122(5) of the Income Tax Ordinance, 2001, to the taxpayers in bulk but were yielded in a compromising manner when the same was highlighted by the KTBA.

Surely, this manifests the vulnerability of external tinkering in the system. The silence as to denial or acceptance of the news by FBR/PRAL is bizarre either.

It goes without saying that the data contains sensitive information comprising personal and business information including but not limited to IBANs, CNIC, Date of Birth, Passport which in many ways are associated with taxpayers’ banks (both individual and business accounts) and other development financial institutions (DFIs) both domestically and internationally.

Given the practice that data is hoisted and archived at Cloud system resource hence any casual approach in its protection may not only compromise the sovereignty of Pakistan but is likely to end up in grave consequences for taxpayers domestically and internationally.  

The KTBA time and again had objected to the involvement of retired FBR employees and other private persons in the official work across field formations; who are hired by the officers and supervisory staff and are allowed the access to private information/data of taxpayers in soft as well as in hard contents that also make the data vulnerable.

The tax bar urged the FBR chairman to ensure that all the steps will be brokered (in association with other regulators) to avoid the data breach recurrences in future.