Our lawful role
The ATO is the Australian government’s principal revenue collection agency. The Commissioner of Taxation has responsibility for ensuring taxpayers meet their tax and superannuation obligations. Compliance with these obligations is a matter we take seriously. Failure to address non-compliant behaviour has the potential to undermine community confidence in the integrity of the tax and superannuation systems and our capability to administer those systems.
We carry out our legislated functions through general powers of administration contained in, but not limited, to:
- section 3A of the Taxation Administration Act 1953
- section 8 of the Income Tax Assessment Act 1936
- section 1-7 of the Income Tax Assessment Act 1997
- section 43 of the Superannuation Guarantee (administration) Act 1992
- section 356-5 in Schedule 1 of the Taxation Administration Act 1953.
Data-matching is one of the strategies used to identity and deal with non-compliant behaviour. Data-matching also provides a degree of assurance that taxpayers are meeting their obligations.
The Privacy Act 1988 (Privacy Act) regulates how personal information is handled by certain entities, such as companies and government agencies.
Schedule 1 of the Privacy Act lists the 13 Australian Privacy Principles (APPs). The principles cover the collection, use, disclosure, storage and management of personal information.
Data will only be used within the limits prescribed by the APPs and the Privacy Act.
The Australian Government Agencies Privacy CodeExternal Link, embeds privacy in all government agency processes and procedures. It ensures that privacy compliance is a priority in the design of our systems, practices and culture.
The ATO complies with all of the code's requirements, and we are transparent and open about what information we collect, hold and disclose. We train our staff to keep personal information safe, and all our systems and offices are protected and secure.
How we protect your personal information
Our staff are subject to the strict confidentiality and disclosure provisions contained in Division 355 of Schedule 1 to the Taxation Administration Act 1953 and include terms of imprisonment in cases of serious contravention of these provisions.
All information and records are managed in accordance with the provisions of the Archives Act 1983.
The requirement to retain data is reviewed on an ongoing basis in accordance with the timeframes and requirements of the OAIC guidelines. We destroy data that is no longer required, in accordance with the Archives Act 1983 and the records authorities issued by the National Archives of Australia, both general and ATO-specific.
Under Section 24 of the Act, records can be disposed of where it is approved by the National Archives; required by another law, or a normal administrative practice that the Archives approves of.
Approval from National Archives is normally provided through records authorities, which are used in the process of sentencing to make decisions about keeping, destroying or transferring information and records.
General or ATO-specific records authorities issued by National Archives apply to our processes of verifying and assuring taxpayer compliance with tax, superannuation and other laws administered by the ATO.
Our record management practices allow us to satisfy the OAIC guidelines and Australian Privacy Principle 11 (APP11) contained in Schedule 1 of the Privacy Act 1988 and in particular:
- APP11.1 – An APP entity must take reasonable steps to protect information from
- Misuse, interference and loss
- Unauthorised access, modification or disclosure.
- APP11.2 – APP entity must take reasonable steps to destroy or de-identify information it no longer needs.
Our on-disclosure provisions
In very limited and specific circumstances, we may be permitted by law to disclose individual records to other government agencies.
Division 355 of Schedule 1 to the Taxation Administration Act 1953 sets out the government agencies we can disclose taxpayer information to, and the circumstances in which we are permitted to make those disclosures. These include agencies responsible for:
- state and territory revenue laws
- payments of social welfare and health and safety programs for determining eligibility for certain types of benefits and rebates
- overseeing super funds, corporations and financial market operators to ensure compliance with prudential regulations
- determining entitlement to rehabilitation and compensation payments
- law enforcement activities to assist with specific types of investigations
- policy analysis, costing and effectiveness measurement.
Each request for information by other agencies will be assessed on its merits and must be for an admissible purpose allowed for by taxation laws. In specific permissible circumstances, on-disclosures may include de-identified datasets for statistical analysis.