Tax and Customs Administration lax in checking requests for tax data

The Dutch Data Protection Authority issued a report on 11 February 2011 following an audit of measures taken by the Tax and Customs Administration to assess requests for tax data that it receives from help and information points. The audit revealed gaps in the security of the tax data of members of the public.

Some 900 help and information points are available in the Netherlands to assist applicants for health care, rent and child care allowances. The help and information points refer to tax data about the applicants, which they obtain by phone from the Tax and Customs Administration.

Citizens must be able to rely on their tax data not falling into the hands of unauthorized people, which is why it is important that the Tax and Customs Administration adheres to the rules when checking requests for personal data.

However, the audit found that the Tax and Customs Administration fails to confirm that citizens have actually consented to their data being accessed by a help and information point. Furthermore, since no record is kept of the identity of help and information point staff who retrieve information by phone, subsequent checks of their proper authority are hindered.

The security of the tax data of members of the public is deficient for this reason. The Tax and Customs Administration is breaking the law, in particular Articles 13, 14, 15 of the Dutch Personal Data Protection Act.

The state secretary of Finance, who has responsibility for the Tax and Customs Administration, has announced measures to correct the irregularities.

Mieke Eversteijn
Criminal law attorney
mieke.eversteijn@vmwtaxand.nl

Please click here to to find out more about what our specialist practice groups have to offer in the field of privacy law.