Show download pdf controls
  • Ride sourcing 2015–16 to 2021–22 financial years data-matching program protocol

    The Australian Taxation Office's (ATO) ride sourcing data-matching program has been in place since October 2015. The data acquired and matched under this program is used by the ATO to support the willing engagement of ride sourcing drivers with their registration, lodgment, reporting and payment obligations. The program also informs specific compliance strategies for those drivers who do not comply with their obligations.

    This new protocol document outlines our approach to collecting a further three financial years of ride sourcing data, up to and including 2021–22.

    All of our data-matching programs follow the Office of the Australian Information Commissioner’s (OAIC) Guidelines on data matching in Australian Government administration (2014). The guidelines assist Australian Government agencies to use data-matching as an administrative tool in a way that complies with the Australian Privacy Principles (APPs) and the Privacy Act 1988 (Privacy Act), and are consistent with good privacy practice.

    The ATO has a responsibility to protect public revenue and to maintain community confidence in the integrity of the tax system. The ride sourcing data-matching program will assist us to undertake these responsibilities.

    Find out about:

    Why we look at ride sourcing

    The ride sourcing data-matching program will allow us to identify and address a number of taxation risks, including:

    • Incorrect reporting of income and expenses within income tax return and activity statements, and
    • failure to meet registration and/or lodgment obligations within the system.

    Program objectives

    The objectives of this data-matching program are to:

    • promote voluntary compliance and increase community confidence in the integrity of the tax and superannuation systems
    • identify and educate individuals who may be failing to meet their registration and/or lodgment obligations and assist them to comply
    • gain insights from the data that may help us to develop and implement engagement strategies to improve voluntary compliance which include educational or compliance activities as appropriate
    • obtain intelligence to increase the ATO’s understanding of the behaviours and compliance profiles of individuals and businesses that provide ride sourcing services
    • ensure compliance with registration, lodgment, correct reporting and payment of tax and superannuation obligations.

    How we use the data

    The data in this program will be used to identify and inform ride sourcing providers (drivers) of their tax obligations as part of information and education campaigns.

    The data may also be used as part of the methodologies by which we select taxpayers for compliance activities.

    The ATO does not use data from ride sourcing facilitators to initiate automated action or activities.

    Our previous related programs

    The ATO has been conducting the ride sourcing data-matching program since October 2015 for the 2015–16 to 2018–19 financial years.

    Under the new program, we have rationalised the information to be provided by ride sourcing facilitators and have also included some additional information such as GST amounts.

    Financial institutions are no longer required to provide information under the program as ongoing consultation and co-operation has enabled the ATO to successfully obtain this information directly from facilitators.

    To date, the data has been used in a number of educational campaigns to alert drivers to their tax obligations, along with commencing reviews and audits.

    Data providers

    The ATO is the matching agency and the sole user of the data obtained in the course of this data-matching program.

    While not identifying data providers, we adopt a principles-based approach to ensure that our selection of data providers is fair and transparent. Identification of those providers working with the ATO has the potential to cause commercial disadvantage given the immaturity of the industry and evolving nature of the market.

    See the Submission to the Information Commissioner setting out the basis for deviating from the publication conditions of the guidelines and its impacts on individual privacy.

    Eligibility as a data provider

    Inclusion of a data provider is based on the following principles:

    • the data owner or its subsidiary operates a business in Australia that is governed by Australian law
    • the data owner or its subsidiary provides ride sourcing facilitation services for drivers
    • the data owner or its subsidiary provided these facilities in the year(s) in focus
    • where the client base of a data owner or its subsidiary does not present an omitted income risk or the administrative or financial cost of collecting the data exceeds the benefit the data may provide, the data owner or its subsidiary may be excluded from the program.

    New and existing ride sourcing facilitators will be reviewed periodically against the eligibility criteria and, if required, will be included in the data-matching program.

    Submission to the Information Commissioner

    Varying from source entity identification requirements

    The Australian Taxation Office (ATO) is seeking approval for the ride sourcing data matching program 2019–20 to 2021–22 to vary from one or more of the conditions detailed in Guideline 10 of the Office of the Australian Information Commissioner’s Guidelines on data matching in Australian government administration (2014) (the Guidelines).

    We are seeking you exercise your discretion and allow us to refrain from publishing the names of the ride sourcing facilitators selected to provide data in order to prevent a commercial disadvantage. This recognises the immaturity of the industry and market, and possible commercial impacts for the chosen data providers over others in the same industry and market segment not chosen to provide data.

    This deviation of the normal publication conditions in this circumstance is in the public interest. Publication of the names of the data providers would:

    • Unfairly identify ride sourcing facilitators cooperating with the ATO leading to a potential commercial disadvantage for those named.
    • The perception may damage relationships between named businesses and their customers.
    • Potentially impact the Government’s intent to promote a ‘level playing field’ for commercial enterprises.

    The ATO appreciate not publishing source entity (data supplier) names may have a minor impact on transparency however we also appreciate that damage and detrimental commercial effects on a source entity requires mitigation.

    This program will be subject to an evaluation within three years which is consistent with the requirements of Guideline 9.

    Additional information justifying this variation is included in the tables below:

    • Table 1 – matters considered in accordance with Guideline 10.2 in seeking this variation
    • Table 2 – consistency with requirements of the other guidelines issued by the Office of the Australian Information Commissioner

    Table 1: Matters considered in seeking this variation to the Guidelines

    No.

    Matter considered

    Consideration

    10.2.a

    The effect that not abiding by the Guidelines would have on individual privacy

    We have in place very secure processes for handling and storing data. Once acquired, all data will be stored on our secure computer systems where access is strictly controlled and full audit logs maintained

    The ATO and our staff operate under stringent confidentiality and privacy legislation that prohibits the improper access to or disclosure of protected information. These obligations are supported by significant penalties, including imprisonment. This substantially mitigates the risks of breaches of privacy.

    10.2.b

    The seriousness of the administrative or enforcement action that may flow from a match obtained through the data matching program

    Where we propose to take administrative action where a taxpayer may have reported incorrectly, we will differentiate between those that try to do the right thing and those that set out to deliberately avoid their obligations. Documented procedures, including the Taxpayers’ Charter and compliance model will be followed to ensure fairness and consistency.

    10.2.c

    The effect that not abiding by the Guidelines would have on the fairness of the data matching program — including its effect on the ability of individuals to determine the basis of decisions that affect them, and their ability to dispute those decisions

    There will be no effect on the fairness of the program or the ability of taxpayers to find out the basis of decisions that impact them or their ability to dispute those decisions

    Before any administrative action is undertaken, taxpayers will be given at least 28 days to verify the accuracy of the information that has been derived from this data matching program

    Where administrative action is to be undertaken, we will adhere to the principles established in the Taxpayers’ Charter and compliance model to ensure an equitable and consistent approach is taken

    If a taxpayer does not agree with an assessment, they maintain the right to dispute the decision. They also have the legal right to appeal against those decisions through the courts and tribunals.

    10.2.d

    The effect that not abiding by the Guidelines would have on the transparency and accountability of agency and government operations

    There will be no adverse effects on the transparency and accountability of government operations by not directly naming data suppliers.

    ATO data matching is conducted to address identified compliance risks in a particular segment. A comprehensive description of the data providers operating in the identified segment is included in the program protocol. The description also identifies the principles and criteria for selecting the data providers. Our practice is to raise awareness of the risk in the particular segment and ensure all participants are made aware of their obligations and impacts when engaging in that segment.

    The program protocol is submitted to the Office of the Australian Information Commissioner and we will strictly adhere to the commitments in that document.

    We will publish a notice with general information about the program in the Federal Register of Legislation - Gazettes before administrative action commences. We will also make a copy of the program protocol available on our website.

    10.2.e

    The effect that not abiding by the Guidelines would have on compliance of the proposed data matching program with the Australian Privacy Principles in the Privacy Act 1988 and the Australian Government Privacy Code

    The data is collected solely for the stated objectives established in the data matching program protocol.

    10.2.f

    The effect that complying with the Guidelines would have on the effectiveness of the proposed data matching program

    The effectiveness of the program would be reduced if source entities had to be identified. Their willingness to participate and cooperating with the ATO would likely be compromised.

    10.2.g

    Whether complying fully with the Guidelines could jeopardise or endanger the life or physical safety of information providers or could compromise the source of information provided in confidence

    Not abiding by all the requirements of the Guidelines would not influence or affect the personal safety of any individual identified as part of the program or compromise the source of the information provided in confidence.

    10.2.h

    The effect that complying fully with the Guidelines would have on public revenue – including tax revenue, personal benefit payments, debts to the Commonwealth and fraud against the Commonwealth

    Not allowing the exemption under the current program may cause us to miss potential breaches of taxation laws and subsequent non-payment of tax. This would result in the Commonwealth foregoing taxation revenue.

    There are risks to the integrity of taxation system when people fail to comply with their obligations. Abiding by all of the requirements of the guidelines will reduce the effectiveness of the proposed compliance activity. We would miss the opportunity to educate those taxpayers trying to do the right thing, and deter those that are non-compliant from repeating the behaviour.

    The effect of abiding by all of the requirements in the guidelines could negatively impact both public revenue and the confidence the public and government have in the ATO as an administrator of the taxation system. People not complying with their taxation obligations, including those operating outside the system, set a bad example to compliant taxpayers and may encourage their non-compliance. Maintaining community and government confidence in the taxation system is critical to our ongoing role.

    10.2.i

    Whether complying fully with the Guidelines would involve the release of a document that would be an exempt document under the Freedom of Information Act 1982

    Upon receipt of a freedom of information request only information relating to the taxpayer’s own affairs will be released to the taxpayer concerned.

    10.2.j

    Any legal authority for, or any legal obligation that requires, the conduct of the proposed data matching program in a way that is inconsistent with the Guidelines.

    There is no specific legislative power authorising the conduct of this program inconsistent with the Guidelines.

    The Commissioner of Taxation, or his authorised representative, has formed the opinion that this data is required to enable us to effectively and efficiently carry out its legislated functions under the general powers of administration contained in:

    • Section 3A of the Taxation Administration Act 1953
    • Section 8 of the Income Tax Assessment Act 1936
    • Section 1-7 of the Income Tax Assessment Act 1997
    • Section 356-5 in Schedule 1 of the Taxation Administration Act 1953

    The reasons for proposing to operate outside requirements of the Guidelines are detailed above.

    Table 2: Matters considered in seeking this variation to the Guidelines

    This section outlines where we are being consistent with the requirements of the Guidelines.

    Paragraph/Guideline

    Purpose

    Action taken/to be taken

    Paragraph 6

    Status of the Guidelines

    Our commitment to complying with the Guidelines is embedded in our data management policies and principles and clearly stated in the chief executive instruction.

    Guideline 1

    Application of the Guide

    We apply the guidelines for all data matching programs where it is anticipated the program will include records of 5,000 or more individuals.

    We recognise that programs where there are multiple data sources but with common objectives and algorithms are treated as a single data matching program.

    Guideline 2

    Deciding to carry out or participate in a data matching program

    We conduct a cost-benefit analysis and consider alternate methods prior to proposing to conduct a data matching program.

    Further, we have rigorous governance arrangements, processes and system controls in place to protect the privacy of individuals.

    Guideline 3

    Prepare a program protocol

    Prior to conducting a data matching program, we prepare a data matching program protocol, submit this to the Office of the Australian Information Commissioner and make a copy publicly available on the ATO website.

    When elements of a data matching program change, the protocol is amended, a copy of the amended protocol is provided to the Office of the Australian Information Commissioner and updated on our website.

    Guideline 4

    Prepare a technical standards report

    Documentation is prepared and maintained so as to satisfy the requirements of a technical standards report.

    Guideline 5

    Notify the public

    We publish notification of our intention to undertake a data matching program in the Federal Register of Legislation - Gazettes prior to the commencement of the program.

    This notice will include the following information as required by the Guidelines:

    • a brief description of the objectives of the data matching program
    • the matching agency and (where appropriate) source entities involved in the data matching program
    • a description of the data contained in the data set involved in the data matching program
    • the categories of individuals about whom personal information is to be matched
    • the approximate number of individuals affected
    • reference to our privacy policy.

    Notification of the program is also published on our website and data providers are advised they can advertise their participation in the data matching program.

    Guideline 6

    Notify individuals of proposed administrative action

    Prior to taking any administrative action as a result of the data matching programs, individuals and other entities are given at least 28 days to verify the accuracy of the information provided to us by third parties.

    Guideline 7

    Destroy information that is no longer required

    We regularly review our requirement to continue to retain data and destroy those datasets no longer reasonably necessary.

    Guideline 8

    Do not create new registers, data sets or databases

    We do not create new registers or databases using data obtained in the course of a data matching program.

    Guideline 9

    Regularly evaluate data matching programs

    Programs are evaluated within three years of the commencement of the data matching program. These evaluations are provided to the Office of the Australian Information Commissioner on request.

    Guideline 10

    Seeking exemptions from Guideline requirements

    When we intend to vary from the requirements of the Guidelines, we seek the approval of the Office of the Australian Information Commissioner and provide documentation to support the variance.

    Guideline 11

    Data matching with entities other than agencies

    We undertake our own data matching programs. This function is not outsourced.

    Where data is obtained from an entity other than an individual, we usually do so using our formal information gathering powers. In these instances the entities are advised they are able to notify their clients of their participation in the data matching program.

    Guideline 12

    Data matching with exempt agencies

    We do not usually undertake data matching with agencies that are exempt from the operations of the Privacy Act 1988 under section 7 of that Act and that are subject to the operation of the Guidelines (i.e. any data matching undertaken with an exempt agency would usually be for fewer than 5,000 individuals).

    In the event a data matching activity would otherwise be subject to these Guidelines except for the exemption status, we still adhere to the principles of the Guidelines and prepare a program protocol, seeking to vary from the Guidelines by not publicly notifying of the program and publishing the protocol. We would still lodge a copy of the protocol with the Office of the Australian Information Commissioner.

    Guideline 13

    Enable review by the Office of the Australian Information Commissioner

    We would not prevent the Office of the Australian Information Commissioner from reviewing our data matching activities and processes. These activities and processes have been reviewed by the Australian National Audit Office and Inspector-General of Taxation.

      Last modified: 20 Mar 2020QC 61837