Fifth supplementary memorandum submitted
by the Inland Revenue
1. The Department is now in its third year
of offering a free Internet service for self assessment whereby
taxpayers who choose to do so can file their tax return online.
This service supplements the Electronic Lodgement Service (ELS)
which provides a service for agents to file electronically using
commercial software packages and over Electronic Data Interchanges
(EDI) lines. The numbers who have successfully filed via these
|2002-03 (To date)||27,099
|* FBI introduced 2000-01.|
2. Throughout the period the Department has followed
a strategy of encouraging the software industry to develop commercial
products for the Internet service while providing a basic, and
free, Inland Revenue product. All products are directly accessible
via the Inland Revenue website. This was made possible because
the Department was at the vanguard of using the then emerging
standards for internet products and in particular the joint development
in full collaboration with the software industry of "XML
schema" - the basic technical building blocks for the online
products. Any product adopting these schemas can pass electronic
data directly to the Department. In practice the Inland Revenue
product has been by far and away the most popular vehicle. Last
year 88 per cent of filers used the Inland Revenue product.
3. The Department has evolved the product in the light
of both experience and technology developments. The product used
in the first year required the issue of a CD-Rom - which was then
the most popular approach throughout the industry. This presented
some problems. Any "bugs" in the product, for example,
could only be addressed by sending updated CD-Roms. Some computers,
for example Apple Macs, could not be used. The second year product
was an internet-based form online but restricted to the 3 main
schedules. This was deliberate to encourage the software industry
to create products. But, in the light of the popularity of the
Inland Revenue product and lower than forecast take up rates,
it was decided that this year's product should cover the main
schedules covering 91.47 per cent of the SA population not represented
by agents. A separate agent service was developed in August 2001.
We have designed the product to make the filing experience as
straightforward as possible for the taxpayer. Key features include:
a Q&A approach so that only relevant questions
a facility to store a part-completed return
online help including, for example, pop-up tables to record interest from different accounts
item by item validation so that incorrect entries can be flagged back to the taxpayer.
Electronically filed returns are automatically entered on
Revenue systems, rather than manually keyed from paper returns.
The overall process is much accelerated and repayments, for example,
are made in days.
4. Take up rates are a key issue. The table below shows
graphically the encouraging and upward trend.
5. The blip in this year's figures was caused by the
security incident which caused us to take the service down at
the end of May. On the weekend of 25 and 26 May, four customers
contacted the department's Electronic Business Unit Helpdesk to
report seeing information on another person's return while using
the online self assessment service. Customers could also add or
overwrite information on that other person's return. The Revenue's
online service was withdrawn although taxpayers could continue
to use alternative products. Subsequently a further nine contacts
were received from customers making 13 in all.
6. The department takes taxpayer confidentiality very
seriously and once the service was withdrawn an immediate investigation
was started involving the department's strategic partners EDS,
the e-Envoy's Office, and an independent specialist Internet security
company. It was quickly established that the systems were not
7. The department has now completed what was a thorough
and exhaustive review and the service was successfully restored
on Friday 28 June. The reason for the problem, in the event, turned
out to be very complex. In summary, we found aspects of our own
technical design meant that we were vulnerable to someone outside
our control storing information that they should not have stored.
This in turn meant that two different people could share an online
"session" because our system thought they were the same
person. That is how some people were able to see another person's
information. In nearly all cases, the problem manifested itself
through customers of one Internet service provider (ISP). But
ISPs out-source or subcontract many of their services including
storing information, so the picture is complex, and it would not
be fair to single out one ISP for blame.
8. We have already made a number of changes to ensure
that this will not happen again. These will ensure that we improve
our own design so that we are not vulnerable to bad practices
by others outside our control. The approach is very much a belt
and braces one, based on fixing the problems but also fitting
alarms so that we can act immediately if two users ever share
the same session again.
9. As part of the review we have taken active steps to
establish how many customers may have had their details seen by
someone else. This has been an enormous exercise, because we had
to go right back to 6 April, involving literally millions of computer
logs, but we took the view that it was vital for customer confidence
and the Department's reputation that we established as much certainty
as we could.
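An illustration of the kind of alarm and log review described in paragraphs 8 and 9, added here as an example and not the Department's own code. It assumes a hypothetical log format in which each request records a session identifier, a per-device client identifier, the owner of the return served and the action taken; the sample lines are constructed.

```python
import re
from collections import defaultdict

# Constructed sample log (assumed format, not the Inland Revenue's own).
SAMPLE_LOG = """\
2002-05-25T10:02:11 sid=S1 client=C-a1 owner=T100 action=view
2002-05-25T10:03:40 sid=S1 client=C-a1 owner=T100 action=save
2002-05-25T10:04:05 sid=S2 client=C-b7 owner=T200 action=view
2002-05-25T10:04:09 sid=S2 client=C-c3 owner=T200 action=view
2002-05-25T10:05:30 sid=S2 client=C-c3 owner=T200 action=save
2002-05-25T10:06:00 sid=S3 client=C-d9 owner=T300 action=view
malformed line without fields
"""

LINE_RE = re.compile(r"^(\S+) sid=(\S+) client=(\S+) owner=(\S+) action=(\w+)$")


def find_shared_sessions(log_text):
    """Return (alerts, skipped): sessions presented by more than one client."""
    first_client = {}   # sid -> client that opened the session
    owner = {}          # sid -> taxpayer whose return the session serves
    others = defaultdict(lambda: defaultdict(set))  # sid -> client -> actions
    skipped = 0
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            skipped += 1  # count unparsed lines so gaps in evidence are visible
            continue
        _ts, sid, client, own, action = m.groups()
        first_client.setdefault(sid, client)
        owner.setdefault(sid, own)
        if client != first_client[sid]:
            others[sid][client].add(action)
    alerts = {}
    for sid, clients in others.items():
        actions = set().union(*clients.values())
        alerts[sid] = {
            "owner": owner[sid],
            "other_clients": sorted(clients),
            # a "save" means the return could have been overwritten, not only seen
            "exposure": "modified" if "save" in actions else "viewed",
        }
    return alerts, skipped


if __name__ == "__main__":
    alerts, skipped = find_shared_sessions(SAMPLE_LOG)
    for sid, info in alerts.items():
        print("ALERT shared session", sid, info)
    print("unparsed lines:", skipped)
```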
10. We now know that 27,967 taxpayers have used SA Online
without details being seen by anyone else. There are 47 cases
where the returns could have been seen by someone else
(even though this may have been only the pre-populated name and
address) and a further 665 cases where we cannot be certain that
someone's tax return was not seen by another person, but have
no reason to believe that it was. We have written to all the taxpayers
who were or could have been affected, or their representatives.
In the interests of confidentiality we will be deleting the relevant
records in SA Online. The response from those affected to date
has been remarkably positive. The most common query to our Helpline
has been to ask when the service was going to be restored.
11. The department recognises that there are lessons
to be drawn from incidents like this one: some of them raise wider
issues of internet security more generally. The department is
now working actively with the e-Envoy's office to ensure that
these lessons are shared more widely.
12. Since the service was restored take up volumes are
coming near to the peak levels experienced last September, an
encouraging sign that the speed with which the department reacted
to the problem and the thoroughness of its examination has paid
17 July 2002