Passenger movements data overview
The Australian Taxation Office (ATO) has a responsibility to protect public revenue and maintain community confidence in the integrity of the tax system. Our passenger movements data-matching program will help us mitigate loss of government revenue.
The data in this program is not used directly to initiate automated compliance activity. Taxpayers selected for our compliance activities are identified through other methods.
Under this data-matching program, Home Affairs will provide current and historical passenger movement data for individuals being assessed where necessary.
The data collected under this program will be used:
- to verify identity and residency status for registration purposes
- in ATO risk detection models
- as an indicator of residency to help us profile, determine and assess candidates for residency status for Australian tax and superannuation.
It will also allow us to identify and address several taxation risks, including:
- incorrect reporting of income within income tax returns and activity statements
- failure to meet registration and lodgment obligations within the tax and superannuation system
- insights from the program inform treatment strategies to improve voluntary compliance through education on taxation obligations.
The data may also be used as part of the methodologies by which we select taxpayers for compliance activities.
It will prevent unnecessary contact with taxpayers, where the data supports client reported information.
In addition, the data will supplement our existing visa data-matching program by ensuring at the time of assessment the most current movement records are made available.
We do not use passenger movements data to initiate automated action or activities.
Previous related programs
The ATO has been conducting the passenger movements data-matching program since March 2020.
The most recent data-matching protocol for this program was published in April 2021 and covered data from the 2016–17 to 2022–23 financial years.
This protocol outlines our intention to continue collecting passenger movements data from the 2023–24 to 2025–26 financial years.
Previous data-matching programs have broadly achieved their stated goals in identifying candidates for review and audit, who may be failing to meet their registration and lodgment obligations, including assisting them to comply.
We also conduct the:
- Visa holder data-matching program – this has been operating for more than 10 years
- Higher Education Loan Program (HELP)
- Vocational Education and Training Student Loans (VSL)
- Trade Support Loans (TSL).
Data providers
The passenger movements data is provided by Department of Home Affairs. The ATO is the matching agency and the sole user of the data obtained for this data-matching program.
Home Affairs legislation
The Movement Reconstruction (MR) database contains records of passenger movements into and out of Australia since June 1981. Under the Migration Act 1958 (the Migration Act), the MR database is a notified database.
There are restrictions regarding access to and disclosure of information from the database. These are detailed in subsection 488(1) of the Migration Act. A penalty of imprisonment for 2 years applies, and access is audited.
Under the Migration Act, the ATO has direct access to the MR database. Only relevant ATO employees are authorised to access movement records for prescribed purposes.
This is in accordance with paragraph 488(2)(g) of the Migration Act and the Instrument made under sub-regulation 3.10A(2) of the Migration Regulations 1994, which specifies the prescribed employees, agencies, and purposes of the Migration Act.
Privacy Act
Data will only be used within the limits prescribed by Australian Privacy Principle 6 (APP6) contained in Schedule 1 of the Privacy Act and in particular:
- APP6.2(b) – the use of the information is required or authorised by an Australian law
- APP6.2(e) – we reasonably believe that the use of the information is reasonably necessary for our enforcement-related activities.
Data elements we collect
Data will be collected from 2016–17 to 2025–26 financial years for selected individuals.
Client identification details – individuals
The following identification details of an individual will be collected:
- full name
- date of birth
- arrival date
- departure date
- passport information (travel document ID, country code)
- status types (visa status, residency, lawful, Australian citizen).
Number of records
We expect to collect data on approximately 115,000 individuals each financial year for this program.
Data quality
We anticipate that the data quality will be of a high standard, based on our prior passenger movements data-matching programs.
Data retention
We collect data under this program for all financial years from 2016–17 to 2025–26. The data collection is expected to occur daily using an automated system to system access process.
We destroy data that is no longer required, in accordance with the Archives Act 1983, and the records authorities issued by the National Archives of Australia, for both general and ATO-specific data.
We will retain each financial year’s data for 5 years from receipt of the final instalment of verified data files. This is obtained from the data providers.
The data is required for this period for the protection of public revenue as:
- travel frequently covers periods longer than one financial year
- individuals identified as not meeting their tax or superannuation obligations, including being partly or wholly outside the tax and superannuation systems, may have been operating that way for multiple years
- the data enhances our ability to identify taxpayers who may not be complying with their tax and superannuation obligations, which is integral to protecting the integrity of the tax and superannuation systems
- it supports our general compliance approach of reviewing an assessment within the standard period of review, which aligns with the requirements for taxpayers to keep their records
- the data is also used for multiple risk models, including models that establish retrospective profiles over multiple years aligned with the period of review.
While increased data-retention periods may increase the risk to privacy, we have a range of safeguards to appropriately manage and minimise this. Our systems and controls are designed to ensure the privacy and security of the data we manage.