The authorities recently clarified that GSTN website that contains a database of GST taxpayers’ information can neither be accessed by the Goods and Service Tax Network nor it can be shared with anybody, it thus safeguards people privacy and doesn’t pose any threat to the taxpayers data.
The statement came after the right to privacy was declared as the fundamental right by the Supreme Court which needs to be protected under any circumstances, the ruling emphasized on the provision of a right to personal liberty and freedom by the Constitution of India.
Chairman of GSTN, Navin Kumar, told Indo-Asian News Service (IANS), “The Supreme Court order applies to everybody. Right to privacy applies to everybody. But the security of the GST data will not be compromised because we are not sharing it with anybody.” Kumar further added that the data or information details of the taxpayers are encrypted, which remains at server only and straightly forwarded to the tax department website.
Since GST is owned by a majority of the private partners, there is the possibility of data security being threatened. When asked the question regarding ensuring the security of information provided by the taxpayers Kumar replied, “Why should it impose any risk? ICICI Bank, HDFC Bank, HDFC are on the Board. They don’t have any access to the data. We also do not have access to the data. The data is on the servers, it comes from taxpayers and goes to the tax department.”
Read Also: GSTN Safe from Ransomware WannaCry Cyber Attack
GSTN portal is a Non- Government private Ltd company that was incorporated on 24th March 2013. It was established with the mutual cooperation of the State Government and the Central Government, possessing 24.5 per cent shareholders of each, whereas, HDFC, HDFC Bank, ICICI Bank, NSE Strategic Investment Company holds 10 percent share of each. LIC Finance has 11 percent share in GSTN. Since the majority of the stakeholders of GST are private players, BJP MP Subramanian Swamy had earlier expressed his concern over the privacy and security of taxpayers’ data.
“We have the elaborate security system. We have ISO 27001 certified information security management system (ISMS). which is the best standard of information security system, reassured Kumar.
Kumar further added, We have layered security structure, starting with physical security, network security, application security, data security, etc. These are the various layers at which security is ensured. There is also a third party audit. In order to keep the tab on the data inflow and outflow, GSTN has 24/7 security service centre.
He also said, “If there is any suspicious activity, they can raise alarm and action can be taken. We have elaborate security. There is a team of people monitoring it.” Kumar opined that although in case of Adhaar information is shared with various organizations as and when required but this is not applicable on GST. The Supreme Court’s ruling on Right to Privacy may have the influence on the petitions filed against the decision to make Adhaar mandatory.
There are instances when taxpayers’ themselves share information with GSPs but in such scenario, GSTN does not play any role and does not receive any such information given to GSPs ( GST Suvidha Providers). “GSTN cannot prevent taxpayers not to give data to GSPs. Taxpayers are giving their data to GSPs, not us. So the data leak cannot happen from GSTN,” Kumar clarified.